Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-2229 (GCVE-0-2026-2229)
Vulnerability from cvelistv5 – Published: 2026-03-12 20:27 – Updated: 2026-06-30 12:06| Vendor | Product | Version | |
|---|---|---|---|
| undici | undici |
Affected:
< 6.24.0; 7.0.0 < 7.24.0
Unaffected: 6.24.0: 7.24.0 |
|
| Red Hat | Cryostat 4 on RHEL 9 |
cpe:/a:redhat:cryostat:4::el9 |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS (v. 10.0) |
cpe:/o:redhat:enterprise_linux_eus:10.0 |
|
| Red Hat | Red Hat Enterprise Linux AppStream (v. 10) |
cpe:/o:redhat:enterprise_linux:10.1 |
|
| Red Hat | Red Hat Enterprise Linux AppStream (v. 8) |
cpe:/a:redhat:enterprise_linux:8::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS (v.9.6) |
cpe:/a:redhat:rhel_eus:9.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream (v. 9) |
cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Developer Hub 1.8 |
cpe:/a:redhat:rhdh:1.8::el9 |
|
| Red Hat | Red Hat Developer Hub 1.9 |
cpe:/a:redhat:rhdh:1.9::el9 |
|
| Red Hat | Red Hat OpenShift AI 2.16 |
cpe:/a:redhat:openshift_ai:2.16::el8 |
|
| Red Hat | Red Hat OpenShift Dev Spaces 3.28 |
cpe:/a:redhat:openshift_devspaces:3.28::el9 |
|
| Red Hat | Red Hat OpenShift Pipelines 1.2 |
cpe:/a:redhat:openshift_pipelines:1.20::el9 |
|
| Red Hat | OpenShift Lightspeed |
cpe:/a:redhat:openshift_lightspeed |
|
| Red Hat | OpenShift Pipelines |
cpe:/a:redhat:openshift_pipelines:1 |
|
| Red Hat | Red Hat Developer Hub |
cpe:/a:redhat:rhdh:1 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Self-service automation portal 2 |
cpe:/a:redhat:ansible_portal:2 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform 8 |
cpe:/a:redhat:jboss_enterprise_application_platform:8 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack |
cpe:/a:redhat:jbosseapxp |
|
| Red Hat | Red Hat OpenShift Dev Spaces |
cpe:/a:redhat:openshift_devspaces:3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2229",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-13T13:06:30.575811Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T13:06:46.814Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.1"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhdh:1.8::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Developer Hub 1.8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhdh:1.9::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Developer Hub 1.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai:2.16::el8"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI 2.16",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3.28::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces 3.28",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1.20::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Pipelines 1.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_lightspeed"
],
"defaultStatus": "affected",
"product": "OpenShift Lightspeed",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhdh:1"
],
"defaultStatus": "affected",
"product": "Red Hat Developer Hub",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_portal:2"
],
"defaultStatus": "affected",
"product": "Self-service automation portal 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8"
],
"defaultStatus": "unaffected",
"product": "Red Hat JBoss Enterprise Application Platform 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "unaffected",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
}
],
"datePublic": "2026-03-12T20:27:05.600Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "Uncaught Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T12:06:58.858Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"name": "RHBZ#2447143",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2229.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7310"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7080"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7123"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7983"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7302"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21772"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21931"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:17789: Cryostat 4 on RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:7310: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:7080: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:7675: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:7123: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:7670: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:7983: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:7302: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:7350: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:9742: Red Hat Developer Hub 1.8"
},
{
"lang": "en",
"value": "RHSA-2026:13826: Red Hat Developer Hub 1.9"
},
{
"lang": "en",
"value": "RHSA-2026:5807: Red Hat OpenShift AI 2.16"
},
{
"lang": "en",
"value": "RHSA-2026:21772: Red Hat OpenShift Dev Spaces 3.28"
},
{
"lang": "en",
"value": "RHSA-2026:21931: Red Hat OpenShift Pipelines 1.2"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-12T21:01:29.187Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-03-12T20:27:05.600Z",
"value": "Made public."
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/nodejs/undici/",
"defaultStatus": "unaffected",
"packageName": "undici",
"product": "undici",
"repo": "https://github.com/nodejs/undici/",
"vendor": "undici",
"versions": [
{
"status": "affected",
"version": "\u003c 6.24.0; 7.0.0 \u003c 7.24.0"
},
{
"status": "unaffected",
"version": "6.24.0: 7.24.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation developer",
"value": "Matteo Collina"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Ulises Gasc\u00f3n"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Rafael Gonzaga"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Ethan Arrowood"
},
{
"lang": "en",
"type": "reporter",
"value": "Aisle Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch3\u003e\u003cspan\u003eImpact\u003c/span\u003e\u003c/h3\u003e\u003cp\u003eThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the\u0026nbsp;\u003ccode\u003eserver_max_window_bits\u003c/code\u003e\u0026nbsp;parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range\u0026nbsp;\u003ccode\u003eserver_max_window_bits\u003c/code\u003e\u0026nbsp;value (outside zlib\u0027s valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.\u003c/p\u003e\u003cp\u003eThe vulnerability exists because:\u003c/p\u003e\u003col\u003e\u003cli\u003eThe\u0026nbsp;\u003ccode\u003eisValidClientWindowBits()\u003c/code\u003e\u0026nbsp;function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15\u003c/li\u003e\u003cli\u003eThe\u0026nbsp;\u003ccode\u003ecreateInflateRaw()\u003c/code\u003e\u0026nbsp;call is not wrapped in a try-catch block\u003c/li\u003e\u003cli\u003eThe resulting exception propagates up through the call stack and crashes the Node.js process\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "ImpactThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the\u00a0server_max_window_bits\u00a0parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range\u00a0server_max_window_bits\u00a0value (outside zlib\u0027s valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.\n\nThe vulnerability exists because:\n\n * The\u00a0isValidClientWindowBits()\u00a0function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15\n * The\u00a0createInflateRaw()\u00a0call is not wrapped in a try-catch block\n * The resulting exception propagates up through the call stack and crashes the Node.js process"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248 Uncaught exception",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper validation of specified quantity in input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T20:27:05.600Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"url": "https://hackerone.com/reports/3487486"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"source": {
"advisory": "GHSA-v9p9-hfj2-hcw8",
"discovery": "UNKNOWN"
},
"title": "undici is vulnerable to Unhandled Exception in undici WebSocket Client Due to Invalid server_max_window_bits Validation",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2026-2229",
"datePublished": "2026-03-12T20:27:05.600Z",
"dateReserved": "2026-02-08T17:51:16.985Z",
"dateUpdated": "2026-06-30T12:06:58.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-2229",
"date": "2026-07-01",
"epss": "0.00874",
"percentile": "0.5447"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-2229\",\"sourceIdentifier\":\"ce714d77-add3-4f53-aff5-83d477b104bb\",\"published\":\"2026-03-12T21:16:25.573\",\"lastModified\":\"2026-06-30T03:18:12.177\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"ImpactThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the\u00a0server_max_window_bits\u00a0parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range\u00a0server_max_window_bits\u00a0value (outside zlib\u0027s valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.\\n\\nThe vulnerability exists because:\\n\\n * The\u00a0isValidClientWindowBits()\u00a0function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15\\n * The\u00a0createInflateRaw()\u00a0call is not wrapped in a try-catch block\\n * The resulting exception propagates up through the call stack and crashes the Node.js process\"},{\"lang\":\"es\",\"value\":\"Impacto\\nEl cliente WebSocket undici es vulnerable a un ataque de denegaci\u00f3n de servicio debido a la validaci\u00f3n incorrecta del par\u00e1metro server_max_window_bits en la extensi\u00f3n permessage-deflate. Cuando un cliente WebSocket se conecta a un servidor, anuncia autom\u00e1ticamente soporte para la compresi\u00f3n permessage-deflate. Un servidor malicioso puede responder con un valor server_max_window_bits fuera de rango (fuera del rango v\u00e1lido de zlib de 8-15). Cuando el servidor env\u00eda posteriormente un frame comprimido, el cliente intenta crear una instancia zlib InflateRaw con el valor windowBits no v\u00e1lido, causando una excepci\u00f3n RangeError s\u00edncrona que no es capturada, lo que resulta en la terminaci\u00f3n inmediata del proceso.\\n\\nLa vulnerabilidad existe porque:\\n\\n * La funci\u00f3n isValidClientWindowBits() solo valida que el valor contiene d\u00edgitos ASCII, no que caiga dentro del rango v\u00e1lido 8-15\\n * La llamada a createInflateRaw() no est\u00e1 envuelta en un bloque try-catch\\n * La excepci\u00f3n resultante se propaga a trav\u00e9s de la pila de llamadas y bloquea el proceso de Node.js\"}],\"affected\":[{\"source\":\"ce714d77-add3-4f53-aff5-83d477b104bb\",\"affectedData\":[{\"vendor\":\"undici\",\"product\":\"undici\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://github.com/nodejs/undici/\",\"packageName\":\"undici\",\"repo\":\"https://github.com/nodejs/undici/\",\"versions\":[{\"version\":\"\u003c 6.24.0; 7.0.0 \u003c 7.24.0\",\"status\":\"affected\"},{\"version\":\"6.24.0: 7.24.0\",\"status\":\"unaffected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4 on RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cryostat:4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v. 10.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux_eus:10.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:8::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v.9.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:9::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Developer Hub 1.8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhdh:1.8::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Developer Hub 1.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhdh:1.9::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI 2.16\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai:2.16::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces 3.28\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3.28::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Pipelines 1.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_pipelines:1.20::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Lightspeed\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_lightspeed\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Pipelines\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_pipelines:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Developer Hub\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhdh:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Self-service automation portal 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_portal:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss Enterprise Application Platform 8\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:jboss_enterprise_application_platform:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss Enterprise Application Platform Expansion Pack\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:jbosseapxp\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ce714d77-add3-4f53-aff5-83d477b104bb\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-03-13T13:06:30.575811Z\",\"id\":\"CVE-2026-2229\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"ce714d77-add3-4f53-aff5-83d477b104bb\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-248\"},{\"lang\":\"en\",\"value\":\"CWE-1284\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-248\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:undici:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"6.24.0\",\"matchCriteriaId\":\"C08CE582-019D-4A06-910A-6010C2D6EF4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:undici:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.24.0\",\"matchCriteriaId\":\"F016E7D9-C45A-4DEF-9AD8-F0581AF5E509\"}]}]}],\"references\":[{\"url\":\"https://cna.openjsf.org/security-advisories.html\",\"source\":\"ce714d77-add3-4f53-aff5-83d477b104bb\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://datatracker.ietf.org/doc/html/rfc7692\",\"source\":\"ce714d77-add3-4f53-aff5-83d477b104bb\",\"tags\":[\"Technical Description\"]},{\"url\":\"https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8\",\"source\":\"ce714d77-add3-4f53-aff5-83d477b104bb\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://hackerone.com/reports/3487486\",\"source\":\"ce714d77-add3-4f53-aff5-83d477b104bb\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://nodejs.org/api/zlib.html#class-zlibinflateraw\",\"source\":\"ce714d77-add3-4f53-aff5-83d477b104bb\",\"tags\":[\"Technical Description\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13826\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17789\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21772\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21931\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5807\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7080\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7123\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7302\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7310\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7350\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7670\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7675\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7983\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9742\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-2229\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2447143\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2229.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-2229\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-13T13:06:30.575811Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-13T13:06:41.726Z\"}}], \"cna\": {\"title\": \"undici is vulnerable to Unhandled Exception in undici WebSocket Client Due to Invalid server_max_window_bits Validation\", \"source\": {\"advisory\": \"GHSA-v9p9-hfj2-hcw8\", \"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Matteo Collina\"}, {\"lang\": \"en\", \"type\": \"remediation reviewer\", \"value\": \"Ulises Gasc\\u00f3n\"}, {\"lang\": \"en\", \"type\": \"remediation reviewer\", \"value\": \"Rafael Gonzaga\"}, {\"lang\": \"en\", \"type\": \"remediation reviewer\", \"value\": \"Ethan Arrowood\"}, {\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Aisle Research\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/nodejs/undici/\", \"vendor\": \"undici\", \"product\": \"undici\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 6.24.0; 7.0.0 \u003c 7.24.0\"}, {\"status\": \"unaffected\", \"version\": \"6.24.0: 7.24.0\"}], \"packageName\": \"undici\", \"collectionURL\": \"https://github.com/nodejs/undici/\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8\"}, {\"url\": \"https://hackerone.com/reports/3487486\"}, {\"url\": \"https://cna.openjsf.org/security-advisories.html\"}, {\"url\": \"https://datatracker.ietf.org/doc/html/rfc7692\"}, {\"url\": \"https://nodejs.org/api/zlib.html#class-zlibinflateraw\"}], \"x_generator\": {\"engine\": \"Vulnogram 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"ImpactThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the\\u00a0server_max_window_bits\\u00a0parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range\\u00a0server_max_window_bits\\u00a0value (outside zlib\u0027s valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.\\n\\nThe vulnerability exists because:\\n\\n * The\\u00a0isValidClientWindowBits()\\u00a0function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15\\n * The\\u00a0createInflateRaw()\\u00a0call is not wrapped in a try-catch block\\n * The resulting exception propagates up through the call stack and crashes the Node.js process\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003ch3\u003e\u003cspan\u003eImpact\u003c/span\u003e\u003c/h3\u003e\u003cp\u003eThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the\u0026nbsp;\u003ccode\u003eserver_max_window_bits\u003c/code\u003e\u0026nbsp;parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range\u0026nbsp;\u003ccode\u003eserver_max_window_bits\u003c/code\u003e\u0026nbsp;value (outside zlib\u0027s valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.\u003c/p\u003e\u003cp\u003eThe vulnerability exists because:\u003c/p\u003e\u003col\u003e\u003cli\u003eThe\u0026nbsp;\u003ccode\u003eisValidClientWindowBits()\u003c/code\u003e\u0026nbsp;function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15\u003c/li\u003e\u003cli\u003eThe\u0026nbsp;\u003ccode\u003ecreateInflateRaw()\u003c/code\u003e\u0026nbsp;call is not wrapped in a try-catch block\u003c/li\u003e\u003cli\u003eThe resulting exception propagates up through the call stack and crashes the Node.js process\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-248\", \"description\": \"CWE-248 Uncaught exception\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1284\", \"description\": \"CWE-1284 Improper validation of specified quantity in input\"}]}], \"providerMetadata\": {\"orgId\": \"ce714d77-add3-4f53-aff5-83d477b104bb\", \"shortName\": \"openjs\", \"dateUpdated\": \"2026-03-12T20:27:05.600Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-2229\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-13T13:06:46.814Z\", \"dateReserved\": \"2026-02-08T17:51:16.985Z\", \"assignerOrgId\": \"ce714d77-add3-4f53-aff5-83d477b104bb\", \"datePublished\": \"2026-03-12T20:27:05.600Z\", \"assignerShortName\": \"openjs\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:34342
Vulnerability from csaf_redhat - Published: 2026-07-01 14:36 - Updated: 2026-07-01 15:33A flaw was found in the npm library trim where a specifically crafted input can cause a regular expression to take an abnormal amount of time to compute. All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) [DNP] via trim().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
A flaw was found in nodejs-trim-newlines. Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
A flaw was found in launch-editor, a tool that allows users to open files with line numbers in an editor from Node.js. Due to insufficient sanitization of the `file` argument in the `launchEditor` function, an attacker can execute arbitrary commands on Windows systems by supplying a filename that contains special characters. This can lead to a complete compromise of the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in proxy host matching. This vulnerability allows improper bypassing of proxy settings via manipulating an IPv6 zone ID, causing unintended matches against the NO_PROXY environment variable.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in the HTML tokenizer component. This vulnerability allows incorrect DOM construction and potential content misplacement via unquoted attribute values ending with a (/) in tags within foreign content contexts such as <math> or <svg>.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) in an exposed go application if an attacker provides specially crafted HTML content.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by crafting a malicious URL with three or more parameters in a single segment, separated by non-period characters. This causes the component to generate a bad regular expression, leading to catastrophic backtracking. The overlapping capture groups can consume excessive processing resources, resulting in a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by providing a specially crafted Uniform Resource Locator (URL) containing percent-encoded path separators and dot segments. Due to incorrect processing, fast-uri would decode these elements before proper normalization, leading to distinct URLs resolving to the same internal path. This could allow an attacker to bypass security policies that rely on path-based comparisons, potentially gaining unauthorized access to resources.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by crafting a malicious Uniform Resource Identifier (URI) that contains percent-encoded authority delimiters. The fast-uri library incorrectly decodes these delimiters during normalization and then re-emits them as raw separators, which can change the URI's intended authority. This issue allows applications that perform host allowlist checks, redirect validation, or outbound request routing to be steered to a different authority than specified, potentially bypassing security controls.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
A flaw was found in undici. When using Socks5ProxyAgent, undici incorrectly reuses a single connection pool across different origins. This can lead to cross-origin request routing, where sensitive credentials and data intended for one destination are sent to another. Consequently, responses from unintended origins may be trusted, and secure HTTPS connections could be silently downgraded to unencrypted HTTP, resulting in information disclosure and data integrity issues.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Workaround
|
A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
A flaw was found in undici. When undici's ProxyAgent is configured with a SOCKS5 proxy Uniform Resource Identifier (URI), it silently ignores Transport Layer Security (TLS) options, such as custom Certificate Authorities (CAs). This allows a remote attacker to perform a Man-in-the-Middle (MITM) attack, intercepting and tampering with HTTPS communications. The connection falls back to Node.js's default trust store, bypassing intended security configurations and potentially leading to information disclosure or arbitrary code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Workaround
|
A flaw was found in form-data, a library for creating readable multipart/form-data streams. A remote attacker can exploit this vulnerability by injecting carriage return (CR), line feed (LF), or double-quote (") characters into the `field` argument of `FormData#append` or the `filename` option. This allows the attacker to inject additional headers or smuggle entire additional multipart parts into requests, potentially enabling them to add or override form fields and compromise data integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
A flaw was found in undici. A malicious WebSocket server can exploit this by streaming numerous small or empty continuation frames. This can bypass per-frame and cumulative-size validation, leading to unbounded memory growth in the client process. The primary consequence is memory exhaustion, resulting in a denial of service (DoS) for affected applications using the undici WebSocket client or WebSocketStream API.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/net/html. A remote attacker could provide specially crafted HTML, which, when parsed by the affected component, would consume excessive CPU resources. This could lead to a Denial of Service (DoS) condition, making the system unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution in applications that use the affected component.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
A denial of service flaw has been discovered in the flatted npm library. flatted's parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in flatted, a JavaScript Object Notation (JSON) parser designed for handling circular data structures. A remote attacker can exploit this vulnerability by providing specially crafted JSON input. The parse() function in flatted fails to properly validate string values used as array index keys, allowing an attacker to manipulate internal JavaScript object prototypes. This prototype pollution can enable an attacker to execute arbitrary code or cause a denial of service, impacting the availability and integrity of affected systems.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
A flaw was found in Picomatch, a JavaScript glob matcher. This Regular Expression Denial of Service (ReDoS) vulnerability allows a remote attacker to cause excessive CPU consumption and block the Node.js event loop, leading to a denial of service. This occurs when untrusted users supply crafted extglob patterns, specifically those using quantifiers like `+()` and `*()` combined with overlapping alternatives or nested extglobs, which can trigger catastrophic backtracking in the compiled regular expressions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in the node-forge library, a JavaScript implementation of Transport Layer Security. This vulnerability, inherited from the bundled jsbn library, allows a remote attacker to cause a Denial of Service (DoS). When the BigInteger.modInverse() function is called with a zero value, it enters an infinite loop, causing the process to hang indefinitely and consume 100% of the CPU resources.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in Forge (also called `node-forge`), a JavaScript library used for Transport Layer Security (TLS). The library's Ed25519 signature verification process does not correctly validate cryptographic signatures, allowing forged non-canonical signatures to be accepted. A remote attacker could exploit this signature malleability to bypass authentication and authorization logic. This vulnerability can also circumvent security checks in applications that rely on the uniqueness of cryptographic signatures for functions such as deduplication or preventing replay attacks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in Forge (also known as node-forge), a JavaScript implementation of Transport Layer Security (TLS). The `pki.verifyCertificateChain()` function does not properly enforce certificate validation rules. This oversight allows an intermediate certificate that lacks specific security extensions to enable any leaf certificate to function as a Certificate Authority (CA) and sign other certificates. Consequently, node-forge could accept these unauthorized certificates as valid, potentially leading to spoofing or the issuance of illegitimate certificates.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in Handlebars. An attacker can exploit this by supplying a crafted Abstract Syntax Tree (AST) object to the `Handlebars.compile()` function. This allows the injection and execution of arbitrary JavaScript code due to improper sanitization of the `value` field in `NumberLiteral` AST nodes. This vulnerability can lead to Remote Code Execution (RCE) on the server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in Handlebars. A remote attacker can exploit this vulnerability by manipulating the `@partial-block` special variable within the template data context. By overwriting `@partial-block` with a specially crafted Abstract Syntax Tree (AST) through a helper, a subsequent invocation of `{{> @partial-block}}` will compile and execute the malicious AST. This enables arbitrary JavaScript execution on the server, leading to potential compromise of the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in Handlebars.js. A remote attacker can exploit this by submitting a malformed Handlebars template that includes decorator syntax referencing an unregistered decorator. When the application attempts to compile this template without proper error handling, it triggers an unhandled `TypeError`. This error causes the Node.js process to crash, resulting in a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in Handlebars.js. A remote attacker can exploit this vulnerability by providing a specially crafted object within the template context. This crafted object, when processed by a dynamic partial lookup, can bypass security checks and be interpreted as malicious code. This allows the attacker to execute arbitrary commands on the server where Handlebars.js is running.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in Handlebars. The Handlebars command-line interface (CLI) precompiler concatenates user-controlled strings, such as template file names and CLI options, directly into the generated JavaScript without proper escaping or sanitization. An attacker capable of influencing these inputs can inject arbitrary JavaScript code. This can lead to arbitrary code execution when the generated JavaScript bundle is loaded in a Node.js environment or a web browser.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in the `idna` package, specifically within the `golang.org/x/net/idna` component. This vulnerability allows for privilege escalation due to incorrect processing of Punycode-encoded labels. An attacker could craft a malicious Punycode label that, when initially checked, appears safe but then decodes to a restricted ASCII hostname, bypassing security controls and gaining unauthorized access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — | ||
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
A flaw was found in golang.org/x/net/html. When parsing arbitrary HTML that is subsequently rendered, an unexpected HTML tree can be generated. A remote attacker could leverage this vulnerability to execute Cross-Site Scripting (XSS) attacks in applications that attempt to sanitize input HTML before rendering, potentially leading to unauthorized actions or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Workaround
|
A flaw was found in ws, an open source WebSocket client and server. A remote attacker can exploit this memory exhaustion vulnerability by sending a high volume of exceptionally small fragments and data chunks. This action forces the affected component to allocate and hold structural wrappers that consume excessive memory. Consequently, this leads to process termination and a denial of service (DoS) for the remote peer.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le | — |
Workaround
|
|
| Unresolved product id: Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The Cluster Observability Operator (COO) is a Red Hat OpenShift Container Platform Operator that you can deploy to manage observability component stacks by using custom resource descriptions (CRDs).",
"title": "Topic"
},
{
"category": "general",
"text": "The 1.5 release of COO.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:34342",
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2020-7753",
"url": "https://access.redhat.com/security/cve/CVE-2020-7753"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-33623",
"url": "https://access.redhat.com/security/cve/CVE-2021-33623"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-4068",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-52011",
"url": "https://access.redhat.com/security/cve/CVE-2024-52011"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22870",
"url": "https://access.redhat.com/security/cve/CVE-2025-22870"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22872",
"url": "https://access.redhat.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47911",
"url": "https://access.redhat.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58190",
"url": "https://access.redhat.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-12143",
"url": "https://access.redhat.com/security/cve/CVE-2026-12143"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-12151",
"url": "https://access.redhat.com/security/cve/CVE-2026-12151"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1526",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1528",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-2229",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25680",
"url": "https://access.redhat.com/security/cve/CVE-2026-25680"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25681",
"url": "https://access.redhat.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32141",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33228",
"url": "https://access.redhat.com/security/cve/CVE-2026-33228"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33671",
"url": "https://access.redhat.com/security/cve/CVE-2026-33671"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33814",
"url": "https://access.redhat.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33891",
"url": "https://access.redhat.com/security/cve/CVE-2026-33891"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33894",
"url": "https://access.redhat.com/security/cve/CVE-2026-33894"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33895",
"url": "https://access.redhat.com/security/cve/CVE-2026-33895"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33896",
"url": "https://access.redhat.com/security/cve/CVE-2026-33896"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33937",
"url": "https://access.redhat.com/security/cve/CVE-2026-33937"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33938",
"url": "https://access.redhat.com/security/cve/CVE-2026-33938"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33939",
"url": "https://access.redhat.com/security/cve/CVE-2026-33939"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33940",
"url": "https://access.redhat.com/security/cve/CVE-2026-33940"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33941",
"url": "https://access.redhat.com/security/cve/CVE-2026-33941"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39821",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42506",
"url": "https://access.redhat.com/security/cve/CVE-2026-42506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4800",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4867",
"url": "https://access.redhat.com/security/cve/CVE-2026-4867"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-48779",
"url": "https://access.redhat.com/security/cve/CVE-2026-48779"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-6321",
"url": "https://access.redhat.com/security/cve/CVE-2026-6321"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-6322",
"url": "https://access.redhat.com/security/cve/CVE-2026-6322"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-6734",
"url": "https://access.redhat.com/security/cve/CVE-2026-6734"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9277",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9697",
"url": "https://access.redhat.com/security/cve/CVE-2026-9697"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/latest/observability/cluster_observability_operator/cluster-observability-operator-release-notes.html",
"url": "https://docs.openshift.com/container-platform/latest/observability/cluster_observability_operator/cluster-observability-operator-release-notes.html"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_34342.json"
}
],
"title": "Red Hat Security Advisory: Cluster Observability Operator 1.5.0",
"tracking": {
"current_release_date": "2026-07-01T15:33:51+00:00",
"generator": {
"date": "2026-07-01T15:33:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:34342",
"initial_release_date": "2026-07-01T14:36:53+00:00",
"revision_history": [
{
"date": "2026-07-01T14:36:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-01T14:37:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T15:33:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Cluster Observability Operator 1.5.0",
"product": {
"name": "Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cluster_observability_operator:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "Cluster Observability Operator"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/alertmanager-rhel9@sha256%3A09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/alertmanager-rhel9\u0026tag=1782840761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-health-analyzer-rhel9@sha256%3A6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9\u0026tag=1782838463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-observability-rhel9-operator@sha256%3Af5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator\u0026tag=1782855737"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-observability-operator-bundle@sha256%3A6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle\u0026tag=1782859385"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dashboards-console-plugin-rhel9@sha256%3A0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9\u0026tag=1782842349"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/distributed-tracing-console-plugin-rhel9@sha256%3Aa4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9\u0026tag=1782838753"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"product_identification_helper": {
"purl": "pkg:oci/distributed-tracing-console-plugin-pf4-rhel9@sha256%3A34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9\u0026tag=1782840519"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/distributed-tracing-console-plugin-pf5-rhel9@sha256%3Af0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9\u0026tag=1782839981"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/distributed-tracing-console-plugin-pf6-rhel9@sha256%3A258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9\u0026tag=1782839193"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"product_identification_helper": {
"purl": "pkg:oci/korrel8r-rhel9@sha256%3A54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/korrel8r-rhel9\u0026tag=1782839157"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-console-plugin-rhel9@sha256%3A110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9\u0026tag=1782841925"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-console-plugin-pf4-rhel9@sha256%3A841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9\u0026tag=1782839279"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-console-plugin-pf5-rhel9@sha256%3Acdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9\u0026tag=1782840539"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/monitoring-console-plugin-rhel9@sha256%3A1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9\u0026tag=1782838476"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"product_identification_helper": {
"purl": "pkg:oci/monitoring-console-plugin-pf5-rhel9@sha256%3A9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9\u0026tag=1782844225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"product_identification_helper": {
"purl": "pkg:oci/monitoring-console-plugin-pf6-rhel9@sha256%3A15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9\u0026tag=1782839658"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"product_identification_helper": {
"purl": "pkg:oci/obo-prometheus-rhel9-operator@sha256%3A33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator\u0026tag=1782839407"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/obo-prometheus-operator-admission-webhook-rhel9@sha256%3A3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9\u0026tag=1782839701"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"product_identification_helper": {
"purl": "pkg:oci/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256%3A0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9\u0026tag=1782844359"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/perses-rhel9@sha256%3A4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/perses-rhel9\u0026tag=1782839109"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/perses-rhel9-operator@sha256%3Ab93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/perses-rhel9-operator\u0026tag=1782839191"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel9@sha256%3A631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/prometheus-rhel9\u0026tag=1782840780"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel9@sha256%3A9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/thanos-rhel9\u0026tag=1782840280"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"product_identification_helper": {
"purl": "pkg:oci/troubleshooting-panel-console-plugin-rhel9@sha256%3A475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9\u0026tag=1782839494"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"product_id": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/troubleshooting-panel-console-plugin-pf6-rhel9@sha256%3A6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9\u0026tag=1782839996"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"product_identification_helper": {
"purl": "pkg:oci/alertmanager-rhel9@sha256%3Adde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/alertmanager-rhel9\u0026tag=1782840761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-health-analyzer-rhel9@sha256%3A6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9\u0026tag=1782838463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-observability-rhel9-operator@sha256%3A2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator\u0026tag=1782855737"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dashboards-console-plugin-rhel9@sha256%3Af3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9\u0026tag=1782842349"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/distributed-tracing-console-plugin-rhel9@sha256%3Ad93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9\u0026tag=1782838753"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/distributed-tracing-console-plugin-pf4-rhel9@sha256%3A837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9\u0026tag=1782840519"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/distributed-tracing-console-plugin-pf5-rhel9@sha256%3Af1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9\u0026tag=1782839981"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/distributed-tracing-console-plugin-pf6-rhel9@sha256%3A9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9\u0026tag=1782839193"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"product_identification_helper": {
"purl": "pkg:oci/korrel8r-rhel9@sha256%3A9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/korrel8r-rhel9\u0026tag=1782839157"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-console-plugin-rhel9@sha256%3Ab8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9\u0026tag=1782841925"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/perses-rhel9@sha256%3A8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/perses-rhel9\u0026tag=1782839109"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-console-plugin-pf4-rhel9@sha256%3A91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9\u0026tag=1782839279"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-console-plugin-pf5-rhel9@sha256%3A03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9\u0026tag=1782840539"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/monitoring-console-plugin-rhel9@sha256%3Aeb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9\u0026tag=1782838476"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/monitoring-console-plugin-pf5-rhel9@sha256%3A5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9\u0026tag=1782844225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"product_identification_helper": {
"purl": "pkg:oci/monitoring-console-plugin-pf6-rhel9@sha256%3A0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9\u0026tag=1782839658"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/obo-prometheus-rhel9-operator@sha256%3Aaf873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator\u0026tag=1782839407"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"product_identification_helper": {
"purl": "pkg:oci/obo-prometheus-operator-admission-webhook-rhel9@sha256%3Ae8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9\u0026tag=1782839701"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256%3A5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9\u0026tag=1782844359"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"product_identification_helper": {
"purl": "pkg:oci/perses-rhel9-operator@sha256%3Adbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/perses-rhel9-operator\u0026tag=1782839191"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel9@sha256%3Af9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/prometheus-rhel9\u0026tag=1782840780"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel9@sha256%3A60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/thanos-rhel9\u0026tag=1782840280"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/troubleshooting-panel-console-plugin-rhel9@sha256%3A6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9\u0026tag=1782839494"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"product_id": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/troubleshooting-panel-console-plugin-pf6-rhel9@sha256%3A8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9\u0026tag=1782839996"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/alertmanager-rhel9@sha256%3Ae2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/alertmanager-rhel9\u0026tag=1782840761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-health-analyzer-rhel9@sha256%3A8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9\u0026tag=1782838463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-observability-rhel9-operator@sha256%3A34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator\u0026tag=1782855737"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dashboards-console-plugin-rhel9@sha256%3Ae9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9\u0026tag=1782842349"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/distributed-tracing-console-plugin-rhel9@sha256%3A28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9\u0026tag=1782838753"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/distributed-tracing-console-plugin-pf4-rhel9@sha256%3Ab7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9\u0026tag=1782840519"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/distributed-tracing-console-plugin-pf5-rhel9@sha256%3Aeff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9\u0026tag=1782839981"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/distributed-tracing-console-plugin-pf6-rhel9@sha256%3A0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9\u0026tag=1782839193"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/korrel8r-rhel9@sha256%3A6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/korrel8r-rhel9\u0026tag=1782839157"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-console-plugin-rhel9@sha256%3Ad1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9\u0026tag=1782841925"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-console-plugin-pf4-rhel9@sha256%3A2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9\u0026tag=1782839279"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-console-plugin-pf5-rhel9@sha256%3Accce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9\u0026tag=1782840539"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/monitoring-console-plugin-rhel9@sha256%3Ac47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9\u0026tag=1782838476"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/monitoring-console-plugin-pf5-rhel9@sha256%3A595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9\u0026tag=1782844225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/monitoring-console-plugin-pf6-rhel9@sha256%3A9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9\u0026tag=1782839658"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/obo-prometheus-rhel9-operator@sha256%3A0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator\u0026tag=1782839407"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/obo-prometheus-operator-admission-webhook-rhel9@sha256%3Ab5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9\u0026tag=1782839701"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256%3A4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9\u0026tag=1782844359"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/perses-rhel9@sha256%3Abf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/perses-rhel9\u0026tag=1782839109"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/perses-rhel9-operator@sha256%3Af9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/perses-rhel9-operator\u0026tag=1782839191"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel9@sha256%3A316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/prometheus-rhel9\u0026tag=1782840780"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel9@sha256%3A78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/thanos-rhel9\u0026tag=1782840280"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/troubleshooting-panel-console-plugin-rhel9@sha256%3Abda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9\u0026tag=1782839494"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"product_id": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/troubleshooting-panel-console-plugin-pf6-rhel9@sha256%3A935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9\u0026tag=1782839996"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/alertmanager-rhel9@sha256%3A86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/alertmanager-rhel9\u0026tag=1782840761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-health-analyzer-rhel9@sha256%3Af75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9\u0026tag=1782838463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-observability-rhel9-operator@sha256%3A764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator\u0026tag=1782855737"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dashboards-console-plugin-rhel9@sha256%3A3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9\u0026tag=1782842349"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/distributed-tracing-console-plugin-rhel9@sha256%3Ada84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9\u0026tag=1782838753"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"product_identification_helper": {
"purl": "pkg:oci/distributed-tracing-console-plugin-pf4-rhel9@sha256%3A2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9\u0026tag=1782840519"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/distributed-tracing-console-plugin-pf5-rhel9@sha256%3A573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9\u0026tag=1782839981"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"product_identification_helper": {
"purl": "pkg:oci/distributed-tracing-console-plugin-pf6-rhel9@sha256%3Ac48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9\u0026tag=1782839193"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/korrel8r-rhel9@sha256%3A41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/korrel8r-rhel9\u0026tag=1782839157"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-console-plugin-rhel9@sha256%3Aed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9\u0026tag=1782841925"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-console-plugin-pf4-rhel9@sha256%3A1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9\u0026tag=1782839279"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-console-plugin-pf5-rhel9@sha256%3A2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9\u0026tag=1782840539"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/monitoring-console-plugin-rhel9@sha256%3A91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9\u0026tag=1782838476"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/monitoring-console-plugin-pf5-rhel9@sha256%3Acb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9\u0026tag=1782844225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"product_identification_helper": {
"purl": "pkg:oci/monitoring-console-plugin-pf6-rhel9@sha256%3A70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9\u0026tag=1782839658"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"product_identification_helper": {
"purl": "pkg:oci/obo-prometheus-rhel9-operator@sha256%3A1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator\u0026tag=1782839407"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/obo-prometheus-operator-admission-webhook-rhel9@sha256%3A39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9\u0026tag=1782839701"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"product_identification_helper": {
"purl": "pkg:oci/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256%3Af396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9\u0026tag=1782844359"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/perses-rhel9@sha256%3A14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/perses-rhel9\u0026tag=1782839109"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"product_identification_helper": {
"purl": "pkg:oci/perses-rhel9-operator@sha256%3A7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/perses-rhel9-operator\u0026tag=1782839191"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel9@sha256%3Abf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/prometheus-rhel9\u0026tag=1782840780"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel9@sha256%3A00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/thanos-rhel9\u0026tag=1782840280"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x",
"product_identification_helper": {
"purl": "pkg:oci/troubleshooting-panel-console-plugin-rhel9@sha256%3Ac69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9\u0026tag=1782839494"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"product": {
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"product_id": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/troubleshooting-panel-console-plugin-pf6-rhel9@sha256%3Aaa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9\u0026tag=1782839996"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64 as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x as a component of Cluster Observability Operator 1.5.0",
"product_id": "Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
},
"product_reference": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x",
"relates_to_product_reference": "Cluster Observability Operator 1.5.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7753",
"cwe": {
"id": "CWE-185",
"name": "Incorrect Regular Expression"
},
"discovery_date": "2020-10-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1891860"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm library trim where a specifically crafted input can cause a regular expression to take an abnormal amount of time to compute. All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) [DNP] via trim().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-trim: Regular Expression Denial of Service (ReDoS) in trim function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7753"
},
{
"category": "external",
"summary": "RHBZ#1891860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891860"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7753",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7753"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7753",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7753"
},
{
"category": "external",
"summary": "https://github.com/component/trim/blob/master/index.js%23L6",
"url": "https://github.com/component/trim/blob/master/index.js%23L6"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1022132",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1022132"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-TRIM-1017038",
"url": "https://snyk.io/vuln/SNYK-JS-TRIM-1017038"
}
],
"release_date": "2020-10-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-trim: Regular Expression Denial of Service (ReDoS) in trim function"
},
{
"cve": "CVE-2021-33623",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-05-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-trim-newlines. Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-trim-newlines: ReDoS in .end() method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) grafana-container does package a vulnerable verison of nodejs trim-newlines. However due to the instance being read only and behind OpenShift OAuth, the impact by this vulnerability is Low. Red Hat Advanced Cluster Management for Kubernetes (ACM) containers affected by this flaw are only accessible to authenticated users, thus the impact of this vulnerability is Low. \nRed Hat Virtualization (RHV) does package a vulnerable version of nodejs-trim-newlines. However, no untrusted content is being parsed therefore the impact of this vulnerability is Low.\n\nThe hosted services are shipped with the vulnerable packages, however the vulnerable methods were not identified in use at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33623"
},
{
"category": "external",
"summary": "RHBZ#1966615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33623"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33623",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33623"
}
],
"release_date": "2021-05-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-trim-newlines: ReDoS in .end() method"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "braces: fails to limit the number of characters it can handle",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "RHBZ#2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308",
"url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/issues/35",
"url": "https://github.com/micromatch/braces/issues/35"
}
],
"release_date": "2024-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "braces: fails to limit the number of characters it can handle"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2024-52011",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2026-06-01T19:04:20.806168+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2483853"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in launch-editor, a tool that allows users to open files with line numbers in an editor from Node.js. Due to insufficient sanitization of the `file` argument in the `launchEditor` function, an attacker can execute arbitrary commands on Windows systems by supplying a filename that contains special characters. This can lead to a complete compromise of the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "launch-editor: vite: launch-editor: Arbitrary command execution via insufficient file argument sanitization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-52011"
},
{
"category": "external",
"summary": "RHBZ#2483853",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483853"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-52011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52011"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-52011",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52011"
},
{
"category": "external",
"summary": "https://github.com/vitejs/launch-editor/commit/971291e8a6a91226e1616c5c0ec85423d2d50a5e",
"url": "https://github.com/vitejs/launch-editor/commit/971291e8a6a91226e1616c5c0ec85423d2d50a5e"
},
{
"category": "external",
"summary": "https://github.com/vitejs/launch-editor/security/advisories/GHSA-c27g-q93r-2cwf",
"url": "https://github.com/vitejs/launch-editor/security/advisories/GHSA-c27g-q93r-2cwf"
}
],
"release_date": "2026-06-01T17:17:43.792000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "launch-editor: vite: launch-editor: Arbitrary command execution via insufficient file argument sanitization"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22870",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-03-12T19:00:59.178193+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2351766"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in proxy host matching. This vulnerability allows improper bypassing of proxy settings via manipulating an IPv6 zone ID, causing unintended matches against the NO_PROXY environment variable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/proxy: golang.org/x/net/http/httpproxy: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22870"
},
{
"category": "external",
"summary": "RHBZ#2351766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351766"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22870",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22870"
},
{
"category": "external",
"summary": "https://go.dev/cl/654697",
"url": "https://go.dev/cl/654697"
},
{
"category": "external",
"summary": "https://go.dev/issue/71984",
"url": "https://go.dev/issue/71984"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3503",
"url": "https://pkg.go.dev/vuln/GO-2025-3503"
}
],
"release_date": "2025-03-12T18:27:59.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/proxy: golang.org/x/net/http/httpproxy: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net"
},
{
"cve": "CVE-2025-22872",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-04-16T18:03:27.904242+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2360404"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HTML tokenizer component. This vulnerability allows incorrect DOM construction and potential content misplacement via unquoted attribute values ending with a (/) in tags within foreign content contexts such as \u003cmath\u003e or \u003csvg\u003e.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "RHBZ#2360404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360404"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22872",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22872"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-vvgc-356p-c3xw",
"url": "https://github.com/advisories/GHSA-vvgc-356p-c3xw"
},
{
"category": "external",
"summary": "https://go.dev/cl/662715",
"url": "https://go.dev/cl/662715"
},
{
"category": "external",
"summary": "https://go.dev/issue/73070",
"url": "https://go.dev/issue/73070"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ezSKR9vqbqA",
"url": "https://groups.google.com/g/golang-announce/c/ezSKR9vqbqA"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3595",
"url": "https://pkg.go.dev/vuln/GO-2025-3595"
}
],
"release_date": "2025-04-16T17:13:02.550000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/html: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net"
},
{
"cve": "CVE-2025-47911",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2026-02-05T18:01:23.423406+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437109"
}
],
"notes": [
{
"category": "description",
"text": "The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Quadratic parsing complexity in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "RHBZ#2437109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437109"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47911"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4440",
"url": "https://github.com/golang/vulndb/issues/4440"
},
{
"category": "external",
"summary": "https://go.dev/cl/709876",
"url": "https://go.dev/cl/709876"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c",
"url": "https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4440",
"url": "https://pkg.go.dev/vuln/GO-2026-4440"
}
],
"release_date": "2026-02-05T17:48:44.562000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/html: Quadratic parsing complexity in golang.org/x/net/html"
},
{
"cve": "CVE-2025-58190",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2026-02-05T18:01:26.511908+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437110"
}
],
"notes": [
{
"category": "description",
"text": "The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) in an exposed go application if an attacker provides specially crafted HTML content.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Infinite parsing loop in golang.org/x/net",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "RHBZ#2437110",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437110"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4441",
"url": "https://github.com/golang/vulndb/issues/4441"
},
{
"category": "external",
"summary": "https://go.dev/cl/709875",
"url": "https://go.dev/cl/709875"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c",
"url": "https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4441",
"url": "https://pkg.go.dev/vuln/GO-2026-4441"
}
],
"release_date": "2026-02-05T17:48:44.693000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/html: Infinite parsing loop in golang.org/x/net"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"cve": "CVE-2026-4800",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-31T20:01:21.918257+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453496"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: lodash: Arbitrary code execution via untrusted input in template imports",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the context of Red Hat Enterprise Linux, the grafana and grafana-pcp packages execute the affected JavaScript entirely client-side within the user\u0027s browser. Consequently, the attack surface is strictly restricted to the local browser environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "RHBZ#2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c",
"url": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"
}
],
"release_date": "2026-03-31T19:25:55.987000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports"
},
{
"cve": "CVE-2026-4867",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-03-26T17:01:58.222137+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451783"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by crafting a malicious URL with three or more parameters in a single segment, separated by non-period characters. This causes the component to generate a bad regular expression, leading to catastrophic backtracking. The overlapping capture groups can consume excessive processing resources, resulting in a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: path-to-regexp: Denial of Service via catastrophic backtracking from malformed URL parameters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4867"
},
{
"category": "external",
"summary": "RHBZ#2451783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4867",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4867"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4867",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4867"
},
{
"category": "external",
"summary": "https://blakeembrey.com/posts/2024-09-web-redos",
"url": "https://blakeembrey.com/posts/2024-09-web-redos"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2026-03-26T16:16:25.501000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications using `path-to-regexp` can implement custom regular expressions for parameters beyond the first in a single URL segment. For example, a route like `/:a-:b-:c` can be rewritten as `/:a-:b([^-/]+)-:c([^-/]+)`. Alternatively, limiting the maximum length of incoming URLs can also reduce the risk of exploitation. These changes require application-level configuration and may necessitate a service restart to take effect.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: path-to-regexp: Denial of Service via catastrophic backtracking from malformed URL parameters"
},
{
"cve": "CVE-2026-6321",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-05-04T20:01:14.938426+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466582"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by providing a specially crafted Uniform Resource Locator (URL) containing percent-encoded path separators and dot segments. Due to incorrect processing, fast-uri would decode these elements before proper normalization, leading to distinct URLs resolving to the same internal path. This could allow an attacker to bypass security policies that rely on path-based comparisons, potentially gaining unauthorized access to resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-uri: fast-uri: Path traversal vulnerability allows bypass of security policies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-6321"
},
{
"category": "external",
"summary": "RHBZ#2466582",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466582"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-6321",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6321"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-6321",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6321"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6",
"url": "https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6"
}
],
"release_date": "2026-05-04T19:31:57.253000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fast-uri: fast-uri: Path traversal vulnerability allows bypass of security policies"
},
{
"cve": "CVE-2026-6322",
"cwe": {
"id": "CWE-140",
"name": "Improper Neutralization of Delimiters"
},
"discovery_date": "2026-05-05T11:01:00.332189+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by crafting a malicious Uniform Resource Identifier (URI) that contains percent-encoded authority delimiters. The fast-uri library incorrectly decodes these delimiters during normalization and then re-emits them as raw separators, which can change the URI\u0027s intended authority. This issue allows applications that perform host allowlist checks, redirect validation, or outbound request routing to be steered to a different authority than specified, potentially bypassing security controls.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-uri: fast-uri: URI authority bypass due to improper delimiter handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-6322"
},
{
"category": "external",
"summary": "RHBZ#2466684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-6322",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-6322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6322"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc",
"url": "https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc"
}
],
"release_date": "2026-05-05T10:29:16.378000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fast-uri: fast-uri: URI authority bypass due to improper delimiter handling"
},
{
"cve": "CVE-2026-6734",
"cwe": {
"id": "CWE-940",
"name": "Improper Verification of Source of a Communication Channel"
},
"discovery_date": "2026-06-17T19:04:00.272340+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2490024"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. When using Socks5ProxyAgent, undici incorrectly reuses a single connection pool across different origins. This can lead to cross-origin request routing, where sensitive credentials and data intended for one destination are sent to another. Consequently, responses from unintended origins may be trusted, and secure HTTPS connections could be silently downgraded to unencrypted HTTP, resulting in information disclosure and data integrity issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Information disclosure and data integrity issues due to incorrect Socks5ProxyAgent connection routing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is rated as an Important security flaw. The `undici` library, when configured with `Socks5ProxyAgent` to handle requests for multiple origins, incorrectly reuses connection pools. This can lead to sensitive data and credentials being misrouted to unintended destinations, potentially downgrading HTTPS connections to HTTP and compromising data integrity and confidentiality. Red Hat products utilizing `undici` with `Socks5ProxyAgent` in multi-origin scenarios are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-6734"
},
{
"category": "external",
"summary": "RHBZ#2490024",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2490024"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-6734",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-6734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6734"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-hm92-r4w5-c3mj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-hm92-r4w5-c3mj"
}
],
"release_date": "2026-06-17T16:36:55.439000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "The single most impactful mitigation is applying network egress controls to restrict which external destinations affected applications can reach. Because the vulnerability causes requests to be misrouted to wrong origins, limiting the set of reachable origins directly reduces the attack surface. These controls collectively limit the blast radius of the connection pool misrouting \u2014 the attacker must compromise one of the explicitly allowed destinations rather than any arbitrary origin \u2014 but they do not fix the underlying logic bug.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Information disclosure and data integrity issues due to incorrect Socks5ProxyAgent connection routing"
},
{
"cve": "CVE-2026-9277",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-05-22T14:01:14.427751+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480741"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "RHBZ#2480741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote",
"url": "https://github.com/ljharb/shell-quote"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/commit/1518179",
"url": "https://github.com/ljharb/shell-quote/commit/1518179"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p",
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/shell-quote",
"url": "https://www.npmjs.com/package/shell-quote"
}
],
"release_date": "2026-05-22T13:22:38.873000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators"
},
{
"cve": "CVE-2026-9697",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-06-17T19:03:30.813843+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2490018"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. When undici\u0027s ProxyAgent is configured with a SOCKS5 proxy Uniform Resource Identifier (URI), it silently ignores Transport Layer Security (TLS) options, such as custom Certificate Authorities (CAs). This allows a remote attacker to perform a Man-in-the-Middle (MITM) attack, intercepting and tampering with HTTPS communications. The connection falls back to Node.js\u0027s default trust store, bypassing intended security configurations and potentially leading to information disclosure or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Man-in-the-Middle attack via ignored TLS options with SOCKS5 proxy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important vulnerability. Applications using `undici`\u0027s `ProxyAgent` with a SOCKS5 proxy URI will silently ignore user-configured TLS options, including custom Certificate Authorities. This bypasses intended security controls for HTTPS communication, enabling a remote attacker to perform Man-in-the-Middle attacks, potentially leading to information disclosure or arbitrary code execution in affected Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9697"
},
{
"category": "external",
"summary": "RHBZ#2490018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2490018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9697",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9697"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9697",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9697"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vmh5-mc38-953g",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vmh5-mc38-953g"
}
],
"release_date": "2026-06-17T16:46:42.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Man-in-the-Middle attack via ignored TLS options with SOCKS5 proxy"
},
{
"cve": "CVE-2026-12143",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-06-12T19:00:57.360953+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488480"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in form-data, a library for creating readable multipart/form-data streams. A remote attacker can exploit this vulnerability by injecting carriage return (CR), line feed (LF), or double-quote (\") characters into the `field` argument of `FormData#append` or the `filename` option. This allows the attacker to inject additional headers or smuggle entire additional multipart parts into requests, potentially enabling them to add or override form fields and compromise data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "form-data: form-data: Form field override via CRLF injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important impact flaw in the form-data library: a remote attacker can inject arbitrary headers or additional multipart parts via CRLF injection in field names or filenames, potentially overriding sensitive form fields and affecting data integrity.\n\nFor RHOAI and RHEL AI, severity is Moderate because affected versions appear only as a transitive npm dependency in RHOAI (dashboard, mod-arch plugins, MLflow UI) and RHEL AI 3.4 bootc images, and those products use fixed field names for uploads rather than passing untrusted user input as multipart field names or filenames. The documented exploit path is therefore not reachable in default deployments. Practical impact is limited to non-default or custom integrations that forward multipart requests using attacker-controlled field names.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-12143"
},
{
"category": "external",
"summary": "RHBZ#2488480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488480"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-12143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-12143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-12143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12143"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/93.html",
"url": "https://cwe.mitre.org/data/definitions/93.html"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435",
"url": "https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/commit/be3f3cf553978bac15a5182f1f3c3d2d38ccf229",
"url": "https://github.com/form-data/form-data/commit/be3f3cf553978bac15a5182f1f3c3d2d38ccf229"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/commit/c7133499c2ee1b80c678e411244f4442bf902045",
"url": "https://github.com/form-data/form-data/commit/c7133499c2ee1b80c678e411244f4442bf902045"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/security/advisories/GHSA-hmw2-7cc7-3qxx",
"url": "https://github.com/form-data/form-data/security/advisories/GHSA-hmw2-7cc7-3qxx"
},
{
"category": "external",
"summary": "https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#multipart-form-data",
"url": "https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#multipart-form-data"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/form-data",
"url": "https://www.npmjs.com/package/form-data"
}
],
"release_date": "2026-06-12T18:01:30.362000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Applications using the `form-data` library should implement strict input validation and sanitization for all field names and filenames derived from untrusted sources. This prevents the injection of control characters (CR, LF, \") that could lead to header injection or form field overrides. Deployments that exclusively use fixed or trusted field names are not impacted.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "form-data: form-data: Form field override via CRLF injection"
},
{
"cve": "CVE-2026-12151",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-17T17:01:45.297604+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2489980"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A malicious WebSocket server can exploit this by streaming numerous small or empty continuation frames. This can bypass per-frame and cumulative-size validation, leading to unbounded memory growth in the client process. The primary consequence is memory exhaustion, resulting in a denial of service (DoS) for affected applications using the undici WebSocket client or WebSocketStream API.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service due to unbounded memory growth via WebSocket frames",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important denial of service flaw in the `undici` WebSocket client allows a remote attacker to cause unbounded memory growth. By sending numerous small or empty WebSocket frames, an unauthenticated attacker can exhaust system memory, leading to a denial of service in Red Hat products that use the affected client.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-12151"
},
{
"category": "external",
"summary": "RHBZ#2489980",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2489980"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-12151",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-12151"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-12151",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12151"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vxpw-j846-p89q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vxpw-j846-p89q"
}
],
"release_date": "2026-06-17T16:05:38.785000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service due to unbounded memory growth via WebSocket frames"
},
{
"cve": "CVE-2026-25680",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-05-22T16:01:05.431197+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480760"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. A remote attacker could provide specially crafted HTML, which, when parsed by the affected component, would consume excessive CPU resources. This could lead to a Denial of Service (DoS) condition, making the system unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: golang.org/x/net/html: Denial of Service due to excessive HTML parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this issue as Moderate with RH CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). A flaw was found in golang.org/x/net/html where parsing crafted HTML can consume excessive CPU time, leading to denial of service. Exploitation requires user interaction (a victim application parsing attacker-controlled HTML). Most Red Hat products that bundle golang.org/x/net do not use the html parser to process untrusted HTML in their supported execution paths.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25680"
},
{
"category": "external",
"summary": "RHBZ#2480760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480760"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25680",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25680"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25680",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25680"
},
{
"category": "external",
"summary": "https://go.dev/cl/781702",
"url": "https://go.dev/cl/781702"
},
{
"category": "external",
"summary": "https://go.dev/issue/79573",
"url": "https://go.dev/issue/79573"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5028",
"url": "https://pkg.go.dev/vuln/GO-2026-5028"
}
],
"release_date": "2026-05-22T15:01:21.805000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Update affected Go applications to use golang.org/x/net version 0.55.0 or later. As a workaround, do not use golang.org/x/net/html to parse untrusted HTML content, or enforce timeouts on HTML parsing operations. Applications that do not parse arbitrary HTML are not affected.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/html: golang.org/x/net/html: Denial of Service due to excessive HTML parsing"
},
{
"cve": "CVE-2026-25681",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-05-22T16:01:08.177603+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480761"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution in applications that use the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in `golang.org/x/net/html` could enable remote attackers to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution. The flaw allows specially crafted HTML to bypass input sanitization during parsing and rendering. Red Hat products are affected if they process untrusted HTML content using the vulnerable component without additional output encoding or robust content security policies.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "RHBZ#2480761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480761"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681"
},
{
"category": "external",
"summary": "https://go.dev/cl/781703",
"url": "https://go.dev/cl/781703"
},
{
"category": "external",
"summary": "https://go.dev/issue/79574",
"url": "https://go.dev/issue/79574"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5029",
"url": "https://pkg.go.dev/vuln/GO-2026-5029"
}
],
"release_date": "2026-05-22T15:01:21.975000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "To mitigate this flaw, applications processing untrusted HTML input must implement strict input sanitization and ensure all output is properly encoded before rendering. Deploying a comprehensive Content Security Policy (CSP) can restrict script execution, further reducing the attack surface. Administrators should review application configurations to ensure adequate protection against XSS.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting"
},
{
"cve": "CVE-2026-29063",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-06T19:00:57.982727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "RHBZ#2445291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
"url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
}
],
"release_date": "2026-03-06T18:25:22.438000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
},
{
"cve": "CVE-2026-32141",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T19:01:30.987208+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447083"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the flatted npm library. flatted\u0027s parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flatted: flatted: Unbounded recursion DoS in parse() revive phase",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "RHBZ#2447083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606",
"url": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/pull/88",
"url": "https://github.com/WebReflection/flatted/pull/88"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f",
"url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f"
}
],
"release_date": "2026-03-12T18:08:09.634000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "flatted: flatted: Unbounded recursion DoS in parse() revive phase"
},
{
"cve": "CVE-2026-33228",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-21T00:01:43.424803+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in flatted, a JavaScript Object Notation (JSON) parser designed for handling circular data structures. A remote attacker can exploit this vulnerability by providing specially crafted JSON input. The parse() function in flatted fails to properly validate string values used as array index keys, allowing an attacker to manipulate internal JavaScript object prototypes. This prototype pollution can enable an attacker to execute arbitrary code or cause a denial of service, impacting the availability and integrity of affected systems.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flatted: Flatted: Prototype pollution vulnerability allows arbitrary code execution via crafted JSON.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A Critical vulnerability was discovered in \u0027flatted\u0027, a JavaScript JSON parser. It could enable a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Exploitation involves prototype pollution by providing a specially crafted JSON input. Red Hat products that process un-trusted JSON data and utilize the \u0027flatted\u0027 library are at risk if they do not properly sanitize input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33228"
},
{
"category": "external",
"summary": "RHBZ#2449872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33228",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33228"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33228",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33228"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802",
"url": "https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/releases/tag/v3.4.2",
"url": "https://github.com/WebReflection/flatted/releases/tag/v3.4.2"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/security/advisories/GHSA-rf6f-7fwh-wjgh",
"url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-rf6f-7fwh-wjgh"
}
],
"release_date": "2026-03-20T23:06:48.485000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flatted: Flatted: Prototype pollution vulnerability allows arbitrary code execution via crafted JSON."
},
{
"cve": "CVE-2026-33671",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-03-26T22:01:52.640474+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451986"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Picomatch, a JavaScript glob matcher. This Regular Expression Denial of Service (ReDoS) vulnerability allows a remote attacker to cause excessive CPU consumption and block the Node.js event loop, leading to a denial of service. This occurs when untrusted users supply crafted extglob patterns, specifically those using quantifiers like `+()` and `*()` combined with overlapping alternatives or nested extglobs, which can trigger catastrophic backtracking in the compiled regular expressions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33671"
},
{
"category": "external",
"summary": "RHBZ#2451986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451986"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33671",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33671"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33671",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33671"
},
{
"category": "external",
"summary": "https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d",
"url": "https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d"
},
{
"category": "external",
"summary": "https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj",
"url": "https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj"
}
],
"release_date": "2026-03-26T21:20:48.191000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications using Picomatch should avoid passing untrusted glob patterns for compilation or matching. Implementations can disable extglob support for untrusted patterns by setting `noextglob: true` in Picomatch configurations. Alternatively, reject or sanitize patterns containing nested extglobs or specific extglob quantifiers like `+()` and `*()`. Enforcing strict allowlists for accepted pattern syntax can also reduce exposure. If the application is a service, consider running the matching process in an isolated worker or separate process with time and resource limits, and apply application-level request throttling and input validation for any endpoint that accepts glob patterns. No service restart or reload is typically required for these application-level configuration changes, but verify the specific application\u0027s behavior.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns"
},
{
"cve": "CVE-2026-33814",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:11.324941+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467815"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important denial of service flaw in the Go HTTP/2 protocol implementation allows a remote, unauthenticated attacker to exhaust system resources. By sending a specially crafted HTTP/2 SETTINGS frame with a zero-value SETTINGS_MAX_FRAME_SIZE, the vulnerable Go library enters an infinite loop, impacting the availability of services utilizing HTTP/2.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "RHBZ#2467815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467815"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33814",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33814"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814"
},
{
"category": "external",
"summary": "https://go.dev/cl/761581",
"url": "https://go.dev/cl/761581"
},
{
"category": "external",
"summary": "https://go.dev/cl/761640",
"url": "https://go.dev/cl/761640"
},
{
"category": "external",
"summary": "https://go.dev/issue/78476",
"url": "https://go.dev/issue/78476"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4918",
"url": "https://pkg.go.dev/vuln/GO-2026-4918"
}
],
"release_date": "2026-05-07T19:41:17.631000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame"
},
{
"cve": "CVE-2026-33891",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-03-27T21:01:34.410210+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452450"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the node-forge library, a JavaScript implementation of Transport Layer Security. This vulnerability, inherited from the bundled jsbn library, allows a remote attacker to cause a Denial of Service (DoS). When the BigInteger.modInverse() function is called with a zero value, it enters an infinite loop, causing the process to hang indefinitely and consume 100% of the CPU resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Denial of Service via infinite loop in BigInteger.modInverse()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33891"
},
{
"category": "external",
"summary": "RHBZ#2452450",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452450"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33891",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33891"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33891",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33891"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/9bb8d67b99d17e4ebb5fd7596cd699e11f25d023",
"url": "https://github.com/digitalbazaar/forge/commit/9bb8d67b99d17e4ebb5fd7596cd699e11f25d023"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx"
}
],
"release_date": "2026-03-27T20:43:37.725000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Denial of Service via infinite loop in BigInteger.modInverse()"
},
{
"cve": "CVE-2026-33894",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-03-27T21:02:52.462999+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452464"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33894"
},
{
"category": "external",
"summary": "RHBZ#2452464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452464"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33894",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33894"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc2313#section-8",
"url": "https://datatracker.ietf.org/doc/html/rfc2313#section-8"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
},
{
"category": "external",
"summary": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE",
"url": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc8017.html",
"url": "https://www.rfc-editor.org/rfc/rfc8017.html"
}
],
"release_date": "2026-03-27T20:45:49.583000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification"
},
{
"cve": "CVE-2026-33895",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-03-27T21:02:18.484291+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452457"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Forge (also called `node-forge`), a JavaScript library used for Transport Layer Security (TLS). The library\u0027s Ed25519 signature verification process does not correctly validate cryptographic signatures, allowing forged non-canonical signatures to be accepted. A remote attacker could exploit this signature malleability to bypass authentication and authorization logic. This vulnerability can also circumvent security checks in applications that rely on the uniqueness of cryptographic signatures for functions such as deduplication or preventing replay attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Forge: Authentication bypass via forged Ed25519 cryptographic signatures",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33895"
},
{
"category": "external",
"summary": "RHBZ#2452457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33895",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33895"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33895",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33895"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc8032#section-8.4",
"url": "https://datatracker.ietf.org/doc/html/rfc8032#section-8.4"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85",
"url": "https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw"
}
],
"release_date": "2026-03-27T20:47:54.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Forge: Authentication bypass via forged Ed25519 cryptographic signatures"
},
{
"cve": "CVE-2026-33896",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-03-27T21:02:22.762233+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Forge (also known as node-forge), a JavaScript implementation of Transport Layer Security (TLS). The `pki.verifyCertificateChain()` function does not properly enforce certificate validation rules. This oversight allows an intermediate certificate that lacks specific security extensions to enable any leaf certificate to function as a Certificate Authority (CA) and sign other certificates. Consequently, node-forge could accept these unauthorized certificates as valid, potentially leading to spoofing or the issuance of illegitimate certificates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Forge (node-forge): Certificate validation bypass allows unauthorized certificate issuance",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33896"
},
{
"category": "external",
"summary": "RHBZ#2452458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33896",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33896"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33896",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33896"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90",
"url": "https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25"
}
],
"release_date": "2026-03-27T20:50:03.418000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Forge (node-forge): Certificate validation bypass allows unauthorized certificate issuance"
},
{
"cve": "CVE-2026-33937",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-27T22:02:50.619819+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452523"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Handlebars. An attacker can exploit this by supplying a crafted Abstract Syntax Tree (AST) object to the `Handlebars.compile()` function. This allows the injection and execution of arbitrary JavaScript code due to improper sanitization of the `value` field in `NumberLiteral` AST nodes. This vulnerability can lead to Remote Code Execution (RCE) on the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "handlebars.js: Handlebars: Remote Code Execution via crafted Abstract Syntax Tree object in compile()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important vulnerability in Handlebars that allows for Remote Code Execution. The flaw occurs when the `Handlebars.compile()` function processes a specially crafted Abstract Syntax Tree (AST) object, leading to the injection and execution of arbitrary JavaScript code. Red Hat products utilizing Handlebars are affected if they process untrusted input through the `compile()` function.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33937"
},
{
"category": "external",
"summary": "RHBZ#2452523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33937",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33937"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33937",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33937"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2",
"url": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9",
"url": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q",
"url": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q"
}
],
"release_date": "2026-03-27T21:03:46.748000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "To mitigate this issue, ensure that any input provided to the `Handlebars.compile()` function is strictly validated to be a string type, preventing the injection of crafted Abstract Syntax Tree (AST) objects. Additionally, for deployments where templates are pre-compiled at build time, consider utilizing the Handlebars runtime-only build (`handlebars/runtime`). This build variant does not include the `compile()` function, thereby eliminating the attack vector. If the application is a service, a restart may be required for the changes to take effect.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "handlebars.js: Handlebars: Remote Code Execution via crafted Abstract Syntax Tree object in compile()"
},
{
"cve": "CVE-2026-33938",
"cwe": {
"id": "CWE-917",
"name": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)"
},
"discovery_date": "2026-03-27T22:02:58.504001+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452525"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Handlebars. A remote attacker can exploit this vulnerability by manipulating the `@partial-block` special variable within the template data context. By overwriting `@partial-block` with a specially crafted Abstract Syntax Tree (AST) through a helper, a subsequent invocation of `{{\u003e @partial-block}}` will compile and execute the malicious AST. This enables arbitrary JavaScript execution on the server, leading to potential compromise of the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "handlebars: Handlebars: Arbitrary code execution via @partial-block overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in Handlebars allows arbitrary code execution when processing untrusted input. This occurs if an attacker can manipulate the `@partial-block` special variable through a helper, leading to the execution of a crafted Abstract Syntax Tree. Red Hat products are affected if they use Handlebars versions 4.0.0 through 4.7.8 in server-side applications where untrusted input can influence template data or context objects. Deployments utilizing the Handlebars runtime-only build are not vulnerable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33938"
},
{
"category": "external",
"summary": "RHBZ#2452525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452525"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33938",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33938"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2",
"url": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9",
"url": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r",
"url": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r"
}
],
"release_date": "2026-03-27T21:05:42.485000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Applications using Handlebars should implement the runtime-only build (`require(\u0027handlebars/runtime\u0027)`) to prevent exploitation, as this build lacks the vulnerable `compile()` method. Additionally, review all registered helpers to ensure they do not write arbitrary values to context objects, and avoid using third-party helpers in contexts exposed to untrusted input.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "handlebars: Handlebars: Arbitrary code execution via @partial-block overwrite"
},
{
"cve": "CVE-2026-33939",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-27T22:01:36.296267+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452508"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Handlebars.js. A remote attacker can exploit this by submitting a malformed Handlebars template that includes decorator syntax referencing an unregistered decorator. When the application attempts to compile this template without proper error handling, it triggers an unhandled `TypeError`. This error causes the Node.js process to crash, resulting in a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "handlebars.js: Handlebars.js: Denial of Service via malformed decorator syntax in template compilation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in Handlebars.js affecting applications that compile user-supplied templates without proper error handling. A remote attacker can submit a malformed template containing unregistered decorator syntax, leading to an unhandled `TypeError` and crashing the Node.js process. Red Hat products are vulnerable if they use Handlebars.js in a configuration that allows untrusted input to be compiled at runtime without implementing `try/catch` blocks or input validation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33939"
},
{
"category": "external",
"summary": "RHBZ#2452508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452508"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33939",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33939"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33939",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33939"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2",
"url": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9",
"url": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff",
"url": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff"
}
],
"release_date": "2026-03-27T21:08:24.664000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications utilizing Handlebars.js should implement robust error handling during template compilation and rendering. Specifically, wrap template compilation and rendering calls in `try/catch` blocks to gracefully handle `TypeError` exceptions. Alternatively, validate user-supplied template input to reject decorator syntax (`{{*...}}`) if decorators are not actively used by the application. Employing a pre-compilation workflow, where templates are compiled at build time and only pre-compiled templates are served, can also prevent runtime exploitation. If the application is a service, a restart may be required for changes to take effect.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "handlebars.js: Handlebars.js: Denial of Service via malformed decorator syntax in template compilation"
},
{
"cve": "CVE-2026-33940",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-27T22:02:42.813017+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452521"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Handlebars.js. A remote attacker can exploit this vulnerability by providing a specially crafted object within the template context. This crafted object, when processed by a dynamic partial lookup, can bypass security checks and be interpreted as malicious code. This allows the attacker to execute arbitrary commands on the server where Handlebars.js is running.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "handlebars.js: Handlebars.js: Arbitrary code execution via crafted template context",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important arbitrary code execution vulnerability in Handlebars.js. The flaw can be exploited when an application uses Handlebars.js with dynamic partial lookups and processes user-controlled data within the template context. Red Hat products bundling Handlebars.js are affected if they meet these specific conditions for exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33940"
},
{
"category": "external",
"summary": "RHBZ#2452521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452521"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33940",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33940"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33940",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33940"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2",
"url": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9",
"url": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6",
"url": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6"
}
],
"release_date": "2026-03-27T21:11:10.719000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "To mitigate this issue, use the runtime-only build of Handlebars.js, which prevents the fallback compilation path from being reached. Alternatively, sanitize all context data before rendering to ensure no non-primitive objects are passed to dynamic partials. Avoid dynamic partial lookups (`{{\u003e (lookup ...)}}`) when context data is user-controlled. Implementing these mitigations may require application-level changes.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "handlebars.js: Handlebars.js: Arbitrary code execution via crafted template context"
},
{
"cve": "CVE-2026-33941",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-27T22:02:54.583022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452524"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Handlebars. The Handlebars command-line interface (CLI) precompiler concatenates user-controlled strings, such as template file names and CLI options, directly into the generated JavaScript without proper escaping or sanitization. An attacker capable of influencing these inputs can inject arbitrary JavaScript code. This can lead to arbitrary code execution when the generated JavaScript bundle is loaded in a Node.js environment or a web browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "handlebars.js: Handlebars: Arbitrary code execution via CLI precompiler input sanitization flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: This flaw in Handlebars allows arbitrary code execution when the CLI precompiler processes untrusted inputs. An attacker who can influence template filenames or command-line arguments can inject malicious JavaScript, which executes when the generated bundle is loaded. Red Hat products utilizing the Handlebars CLI precompiler in environments where untrusted inputs are processed may be affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33941"
},
{
"category": "external",
"summary": "RHBZ#2452524",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452524"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33941",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33941"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33941",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33941"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2",
"url": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9",
"url": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf",
"url": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf"
}
],
"release_date": "2026-03-27T21:13:15.437000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "To mitigate this issue, ensure all inputs to the Handlebars CLI precompiler are thoroughly validated, rejecting characters with JavaScript string-escaping significance (e.g., \\\" , \\\u0027 , ;). For automated build pipelines, configure a fixed and trusted namespace string via a configuration file rather than passing it through command-line arguments. Additionally, consider running the precompiler within a sandboxed environment, such as a container with restricted write access, to limit the potential impact of successful exploitation.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "handlebars.js: Handlebars: Arbitrary code execution via CLI precompiler input sanitization flaw"
},
{
"cve": "CVE-2026-39821",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-22T16:00:52.844126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `idna` package, specifically within the `golang.org/x/net/idna` component. This vulnerability allows for privilege escalation due to incorrect processing of Punycode-encoded labels. An attacker could craft a malicious Punycode label that, when initially checked, appears safe but then decodes to a restricted ASCII hostname, bypassing security controls and gaining unauthorized access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important privilege escalation flaw in the `golang.org/x/net/idna` package. Applications utilizing this package for hostname validation in Red Hat products may incorrectly process specially crafted Punycode labels. This can lead to a bypass of security controls, as a seemingly benign Punycode domain could resolve to a restricted ASCII hostname, granting unauthorized access.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "RHBZ#2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://go.dev/cl/767220",
"url": "https://go.dev/cl/767220"
},
{
"category": "external",
"summary": "https://go.dev/issue/78760",
"url": "https://go.dev/issue/78760"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5026",
"url": "https://pkg.go.dev/vuln/GO-2026-5026"
}
],
"release_date": "2026-05-22T15:01:21.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
},
{
"cve": "CVE-2026-42506",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-05-22T16:01:02.675281+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480759"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. When parsing arbitrary HTML that is subsequently rendered, an unexpected HTML tree can be generated. A remote attacker could leverage this vulnerability to execute Cross-Site Scripting (XSS) attacks in applications that attempt to sanitize input HTML before rendering, potentially leading to unauthorized actions or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: golang.org/x/net/html: Cross-Site Scripting (XSS) via arbitrary HTML parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42506"
},
{
"category": "external",
"summary": "RHBZ#2480759",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480759"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42506",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42506"
},
{
"category": "external",
"summary": "https://go.dev/cl/781700",
"url": "https://go.dev/cl/781700"
},
{
"category": "external",
"summary": "https://go.dev/issue/79571",
"url": "https://go.dev/issue/79571"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5025",
"url": "https://pkg.go.dev/vuln/GO-2026-5025"
}
],
"release_date": "2026-05-22T15:01:21.056000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Update affected Go applications to use golang.org/x/net version 0.55.0 or later. As a workaround, do not use golang.org/x/net/html to parse and re-render untrusted HTML content. Applications that do not parse arbitrary HTML are not affected.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/html: golang.org/x/net/html: Cross-Site Scripting (XSS) via arbitrary HTML parsing"
},
{
"cve": "CVE-2026-48779",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-06-16T22:01:24.571224+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2489661"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ws, an open source WebSocket client and server. A remote attacker can exploit this memory exhaustion vulnerability by sending a high volume of exceptionally small fragments and data chunks. This action forces the affected component to allocate and hold structural wrappers that consume excessive memory. Consequently, this leads to process termination and a denial of service (DoS) for the remote peer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ws: ws: Denial of Service via memory exhaustion from small WebSocket fragments",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
],
"known_not_affected": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48779"
},
{
"category": "external",
"summary": "RHBZ#2489661",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2489661"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48779",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48779"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48779",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48779"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/86d3e8a5fb0246ed373860c5fbb0de88824a27f7",
"url": "https://github.com/websockets/ws/commit/86d3e8a5fb0246ed373860c5fbb0de88824a27f7"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/b5372ac67bb97a773727b8e9f5035a8123556d53",
"url": "https://github.com/websockets/ws/commit/b5372ac67bb97a773727b8e9f5035a8123556d53"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94",
"url": "https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/fd36cd864fcdf62a08273a99e19a7d975401fee8",
"url": "https://github.com/websockets/ws/commit/fd36cd864fcdf62a08273a99e19a7d975401fee8"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/security/advisories/GHSA-96hv-2xvq-fx4p",
"url": "https://github.com/websockets/ws/security/advisories/GHSA-96hv-2xvq-fx4p"
}
],
"release_date": "2026-06-16T21:26:22.537000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T14:36:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:09b51e95318e4d2e9def285dad6ae8f8688a7b23fe7f80e465748002ffd7d84d_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:86a5f4af2ca39be157aeb8ed19b0490e7626c643f64cf023e51fba79f1ec465d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:dde7d5a96cc71ff36a520a0718629a2787f743dabd55e0f11fb450c3d18bd490_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel9@sha256:e2684500d9e5164d9a2f5a8accf70f848ae11195de5ddef7d4e9dfa65cc79cb0_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6eb7997104e5c20e2aeeadfe6028c94bf9a9fff37e0e8dce43779f2171ff3f51_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:6f0412c1c98dc1e062da46853088ae28bee83cf767c320e2c59a9d938c9cb0cf_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:8242946d7b196b879980955ab0bf0586722b17f6ee9ad1d2ac3ef34e1cb05534_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-health-analyzer-rhel9@sha256:f75a578c714223ec9e6aad31b53522f313fc22cc6a8028c447bd60a5046bd2ff_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:6578f6e0bf83cf924d724dd110abca715f6fd656477c1bf033cf9707650a0279_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:2e6c7b4aaeda812c292c428188bd3046fdef84dedfa39006bcc7ab525f3330af_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:34a057b1cb67a1de2dbf18cbb1abbb006a3636894d727e400689339ccdf90651_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:764dc2c081add10807008c2467337574e3f6f25d7df6bfe4363df02948cb6d56_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel9-operator@sha256:f5a392c6fb3e138dcf4d7cbc9ef17be3fbd1c41793cc7127567fa2d862a9734e_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:0ee1e15691afd9afb73a0e22065eb14b754890c489be082ec5eb2c970bfb29ac_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:3b05276701190318cb96f1a940b35004fe69b838b3452aae1191a006e57b9cdc_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:e9270444965f2c39ff75323266114ced56fe70c14d9003d5c8b80b70abf4cf0c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-rhel9@sha256:f3e2613586e616efb8d3ffc5a8200fe2be037c83d2e46423970d55b3f845f1c9_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:2458650c46b90645dc9c0f271598baca1cf7aed76a63be523805eb654ddaab54_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:34199b2ae39fa33693ce3238e7deeb0cbc9b085653e2a7fb3f481a1e39335266_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:837687753bd65fdc8f0815bb6d89cfbfe17332f74eebd11dba8d7cf7dc51b9e1_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9@sha256:b7534e4963d4d86a4f0f08632b5ecc81f6007bd4488f979bdcb0447228e0cb43_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:573e6cefdacb285de4645b9f7bca37a36ea514d8d6febb3859d60d998a30f6b7_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:eff791b250e3685d378aaf60356fea32de1ea1789497578b68636f0cb623bb4b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f0e31451ef147785006a3836e065ef052aa5fc213645482a88b5c8f22b7579c1_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9@sha256:f1873fa1a11acb3698b2fdee4d3e76ea0d86bf42ad03d81fc6dad80d47a0bcfc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:0b22c50437d7d84f23314479085867643fed1ebcbfc380a7790c4cc607ff6d50_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:258678fae42e66186adec5518e7ec1cea75f3d8d39a8f8ec07fd741938de6bc2_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:9227f20c6a4f81d5e8e8ea938bb978f742470f2ada7fbdaa218ef6dfa755f8f4_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9@sha256:c48e09ca60267fc0189b87414bf5454461846d57adc957683524e392f1fb8d18_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:28f0347a3e5c42704e70c5d7669f3b4d0543a09c9160191ad000b4c723d793ad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:a4a0e71ff06855e9314255ae6113d57bd2a32d14b96e04e1cb2dff0c653a28f9_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:d93ff1850ec815db9749ba13130f3428269396106c53fc84fe717a23e5c4eeb7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-rhel9@sha256:da84dff6b97286fc442f4d44a65a3226d370de792e705f2c95c01530a879516d_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:41c623f7f6d23e4fad05abeda83745c12f3da35fae78f367461f8b2eec711e6a_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:54f2e30eca91df0221394b2f86cfed384e573c42099dc1efe16ffd8515e5f826_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:6785a20d6cd0ba779455b13ebd13d1cd0f080fcfaaab013f95c4976dc0588a8b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel9@sha256:9815b5833ce58c918fcf3e1de643a0cb729720c3286888bcd76d4925bd390847_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:1a883d0526f205beab9dfc51c5ac32b6a494dd950465b319076bf3a72e05e798_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:2ef62503cd347fba4ae4e9fe659a39fd7ceeb6be9b29ac8c1a1071f378ad7fbc_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:841c0c2af089daa79d66d73da42e9b7f1880db3ee27a1160e8e2f230f125c9f4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf4-rhel9@sha256:91568609093559b57722d4125b472a815fabb79888a56ac5e444d34a90c5f944_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:03182e8c0d9a28dd8dab831b3740bb588fd8d03f6783d24c492e53e52df5613d_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:2d882541f78495cb6ab25932d03947e038d5e477d878210e506dffcd787d201b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:ccce0a754cefa59c426bea1b1c8c345487a1cd35d147f50d8c2c881401b9ea7c_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-pf5-rhel9@sha256:cdd84d0f5e4fbe28071182219185e2dc5a1f478c48a14eb2a34ef9dc8d75dc96_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:110c5c431fdf763c96bba57afe759e82f6c0bd255bad79bbf9fa5e3551e19f00_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:b8ec0cb408820dd42e56fa5ef083f0f8180638dc883857bea294c281e06ede08_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:d1ec1feb75ea3f0de37099f602427fec5a0295da031fd0ff4774cb53515862af_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-rhel9@sha256:ed1ea1ccab647fb51e2f1c717cd161e325a6bf2b8abde53036a6d27219865077_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:595554f398ac60a30907c974b8f3b296d4b985c032a0e7b7cb4803236dc1cbb4_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:5d0efae1c7f63a52b8de49809444179964fa28ecda7488f7afdf82b1ce8e627f_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:9c05597e0d947f18bd3e859f5df60faf6ccdb25ae7ef0e18ab3df3eb1742c720_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf5-rhel9@sha256:cb9511103b0c0682b6248c9c60f81097ed5a5dc3bcb77ceee20b1ec9e412730f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:0260ad9ca47531e44588acc9f4fd70aefcffa0954b8ce8cab3ab5f7624598020_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:15e167b5f27c481c4909bae464a8e31e568cad73477eac7847eecfc7a76ef386_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:70adda1fe4c0835060c7378f3d9c969b0e34e4e43262d9c1298990e7c32bce42_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-pf6-rhel9@sha256:9b8ebc2f88ada2085ca87417407c689c1419b0f504f2173999ecda4eb4931cfd_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:1dc3332d59152fc0a929539ffe4d121b9bc303636926f0ed17255bc881b8abfb_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:91f8f4baa1d6ae76e16ef7220a790d5c4cb3b146e7f31cac53d18c82d40cec0b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:c47696862b842aa53c7fd5831c4c217467a31fd3f813a6f0f5c34e2b52fd786b_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-rhel9@sha256:eb22ccbdcfe215d624e194400674a734ac7a0b0edc4a417739095a3e0247f6fb_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:39109fa4f2af7b3ab1de9babbb232b3089e5023e99b674914f79604ba19928d4_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:3f34f3d1da02b8663ecff8bd34761715378126c9ac67576c8c50c94e5ead2c1b_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:b5adff760a57563166335934a5188117d54fcf46b5c1c8326d456d9ccff4e599_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel9@sha256:e8f327b837a2359a5a1ecef2c7b89064c99bcef5d5e5a7b0413c86362a963233_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:0a35b121ed92e360676a1a9900166ef9faa035e1efe0228a6a6fd6b4b7b370af_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:4f214a2064154bc7f922b665787c8f13519b677eea704aa8000ddb045865a6c3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:5bd7963940868f7bfd9ce2062d857238d16a0297802cda5a1d5e22bf7c1df3ab_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel9@sha256:f396b1fb0cefbe0d2ad03b1977b39aefe47c681b04b3491f8d7ce28b785241df_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:0e1ee52aa4fe3e549ca82fb28519d598ec5c3b258721a0817957fd2da25838cb_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:1c2ce94bc1cf89ae8c94778e5ddc108501ec8ddb02c46e76f8bba83f4b7c1749_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:33aae90d54f3d4683748d102f0592c9bdfc612a5408426e416cb2e8796708a08_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel9-operator@sha256:af873a2b4133324ecab21761c2ade8ba53f1cd421853f410d5aca725908163c6_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:7b331d3901418fec4db96acbe1b2866ad5c37382450d945fe6927840bebaa636_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:b93e37c843f93dcb2b7fb39ca9ee9d55bab662bf864e924cdbfc82d346ff87b4_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:dbac43ae0993a55d4a448b0831fdb708abbcd0328582c738c4b0fc3763574ead_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9-operator@sha256:f9490cada2e8cfe72c3a039c97a74ace9dc563df303d926c2035ff694c5abfb8_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:14c55ef1f29ede1892471b5c5961ccfa84eb47b8d93afdffb9cc0e5062f7abc8_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:4b2b77f1f9ee209588f973c22901f65cbc532e3ba90bd1b7728bd1aef0963de8_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:8fd0e2f58615893a801951f58b8e227bf240236178c19d3cba03f9a93ae1560b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/perses-rhel9@sha256:bf66a6276709a95d41be3b0fe0ec8a3767b264c09736f5b863c6764d2224b3e3_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:316f4fcaffa1616dbd99e04c77d3444e1dc7ef94209d7daa593cd232f30ad165_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:631eaf2a91cd777a22efee467f973b54dc3dc97ea35bdcbfdf370011aac404db_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:bf663d1bc45d4823676addd19704983eb99fdb80feb052c135209bc5a1065e3b_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel9@sha256:f9278ac679869558ce8a53d99640761214bfbf5f69681fa5159438f92023d6d7_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:00c060d0a64cd6fefa0138e263a6382d12530f4f9655abdcefc098f8e1afd0d2_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:60ee1ebf0b39c6c5fb337a3b942148f26b8cf4337acff21f095756c902506a0e_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:78a00ca8af6935aeb916cfae4712735c5a4bd22b86601bbd229618b8ea5cd008_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/thanos-rhel9@sha256:9983ec744a28b2abe72670652a94249c9d9d3624cc39062ad1cbff0116337f0c_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:6f053e36d5ef57ba6d04f036a55800097264d9a5cac5dd96198b7afafa8cb93f_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:8c22f14eb3db715badfbe34e86fee590ac4435095db4f359d555360abde376cc_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:935e17334aec23c168cd36ca6dd83ee5710ed44caa38247b759d1778298e2bad_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-pf6-rhel9@sha256:aa84b143c1e0e4ca0186c75bf1e46b4cfdbdd7cdfaee4acdcb6bffe697b6aa0f_s390x",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:475b2e517944517554d54998e20304a01095a0cb0438b45d0d0e87b208044003_amd64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:6efe5ec5691a1fbbce753ba17ddaddf0fc29dd76b3c7cd27c2243f32d043436b_arm64",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:bda2a8a401d3ceed7dd74809da989bfb0089373492ba1085136145de880c99e1_ppc64le",
"Cluster Observability Operator 1.5.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-rhel9@sha256:c69d290471d7b5a3c44d9a3d01b3234ee8b29c4edfba7364edc01a2bc83f7871_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ws: ws: Denial of Service via memory exhaustion from small WebSocket fragments"
}
]
}
RHSA-2026:5807
Vulnerability from csaf_redhat - Published: 2026-03-25 12:32 - Updated: 2026-07-01 15:50A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A command injection vulnerability was discovered in the TrustyAI Explainability toolkit. Arbitrary commands placed in certain fields of a LMEValJob custom resource (CR) may be executed in the LMEvalJob pod's terminal. This issue can be exploited via a maliciously crafted LMEvalJob by a user with permissions to deploy a CR.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
A path traversal flaw has been discovered in the keras Python library. when used with the extract=True option for tar archives, is vulnerable to a path traversal attack. The utility uses Python's tarfile.extractall function without the filter="data" feature. A remote attacker can craft a malicious tar archive containing special symlinks, which, when extracted, allows them to write arbitrary files to any location on the filesystem outside of the intended destination folder.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A path traversal flaw has been discovered in Keras. The vulnerability arises because the function uses Python's tarfile.extractall() method without the security-critical filter='data' parameter. Although Keras attempts to filter unsafe paths using filter_safe_paths(), this filtering occurs before extraction, and a PATH_MAX symlink resolution bug triggers during extraction. This bug causes symlink resolution to fail due to path length limits, resulting in a security bypass that allows files to be written outside the intended extraction directory.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
A path traversal and arbitrary file overwrite vulnerability has been identified in Argo Workflows during the extraction of archived artifacts, where symbolic links inside a crafted archive are not safely validated before file extraction. An attacker could exploit this flaw by submitting a malicious archive containing symbolic links that point outside the intended extraction directory, causing files to be written or overwritten in unintended locations within the workflow pod. Successful exploitation may allow an attacker to overwrite execution control files and achieve arbitrary command execution during pod startup.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in Expr, an expression language and expression evaluation for Go. This vulnerability allows a denial of service (DoS) via recursive traversal over user-provided deeply nested or cyclic data structures without enforcing a maximum recursion depth, leading to a stack overflow panic and application crash.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp() constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS (Regular Expression Denial of Service), causing the application to become unresponsive and resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in Fastify, a web framework for Node.js. A remote attacker can exploit a validation bypass vulnerability by appending a tab character followed by arbitrary content to the Content-Type header. This circumvents the request body validation schemas, allowing the server to process the body as the original content type without proper validation. This could lead to unexpected data processing and potential integrity impact.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A denial of service flaw has been discovered in the Axios npm package. the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application's failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A denial of service flaw has been discovered in the flatted npm library. flatted's parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat OpenShift AI.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of RHOAI 2.16.4 provides these changes:",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:5807",
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-25621",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12060",
"url": "https://access.redhat.com/security/cve/CVE-2025-12060"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12638",
"url": "https://access.redhat.com/security/cve/CVE-2025-12638"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6193",
"url": "https://access.redhat.com/security/cve/CVE-2025-6193"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66626",
"url": "https://access.redhat.com/security/cve/CVE-2025-66626"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68156",
"url": "https://access.redhat.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69873",
"url": "https://access.redhat.com/security/cve/CVE-2025-69873"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1526",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1528",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-2229",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25223",
"url": "https://access.redhat.com/security/cve/CVE-2026-25223"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25639",
"url": "https://access.redhat.com/security/cve/CVE-2026-25639"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32141",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_5807.json"
}
],
"title": "Red Hat Security Advisory: RHOAI 2.16.4 - Red Hat OpenShift AI",
"tracking": {
"current_release_date": "2026-07-01T15:50:10+00:00",
"generator": {
"date": "2026-07-01T15:50:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:5807",
"initial_release_date": "2026-03-25T12:32:51+00:00",
"revision_history": [
{
"date": "2026-03-25T12:32:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-25T12:33:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T15:50:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift AI 2.16",
"product": {
"name": "Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_ai:2.16::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"product_id": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-codeflare-operator-rhel8@sha256%3Ab68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282100"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel8@sha256%3A022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel8@sha256%3Afd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256%3A4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774288148"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-operator-controller-rhel8@sha256%3A64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282078"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel8@sha256%3Ab26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282201"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kuberay-operator-controller-rhel8@sha256%3A9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282134"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel8@sha256%3Af38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282087"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-api-server-v2-rhel8@sha256%3Ac46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282268"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-driver-rhel8@sha256%3A0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282328"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-launcher-rhel8@sha256%3Ab82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256%3A9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282159"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256%3A87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282202"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mlmd-grpc-server-rhel8@sha256%3A07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774283932"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mm-rest-proxy-rhel8@sha256%3Aace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282095"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel8@sha256%3Aa880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774286327"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel8@sha256%3A8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282093"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel8@sha256%3A14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282092"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-runtime-adapter-rhel8@sha256%3Aa291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774283191"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-serving-controller-rhel8@sha256%3Aae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282244"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-rhel8@sha256%3Aabdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282058"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel8@sha256%3Aaa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282170"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"product_id": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-operator-bundle@sha256%3A9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774296584"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"product_id": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel8-operator@sha256%3A2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774293140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-operator-rhel8@sha256%3A6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282093"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-operator-rhel8@sha256%3A297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774285579"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel8@sha256%3A92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282073"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2025-11-06T19:01:04.402278+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413190"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd local privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "RHBZ#2413190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/blob/main/docs/rootless.md",
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5",
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
}
],
"release_date": "2025-11-06T18:36:21.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "The system administrator on the host can manually chmod the directories to not\nhave group or world accessible permissions:\n```\nchmod 700 /var/lib/containerd\nchmod 700 /run/containerd/io.containerd.grpc.v1.cri\nchmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim\n```\nAn alternative mitigation would be to run containerd in rootless mode.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd local privilege escalation"
},
{
"cve": "CVE-2025-6193",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2025-06-20T14:05:07.010000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2374032"
}
],
"notes": [
{
"category": "description",
"text": "A command injection vulnerability was discovered in the TrustyAI Explainability toolkit. Arbitrary commands placed in certain fields of a LMEValJob custom resource (CR) may be executed in the LMEvalJob pod\u0027s terminal. This issue can be exploited via a maliciously crafted LMEvalJob by a user with permissions to deploy a CR.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "trustyai-explainability: command injection via LMEvalJob CR",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6193"
},
{
"category": "external",
"summary": "RHBZ#2374032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374032"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6193"
},
{
"category": "external",
"summary": "https://github.com/trustyai-explainability/trustyai-service-operator/pull/504",
"url": "https://github.com/trustyai-explainability/trustyai-service-operator/pull/504"
}
],
"release_date": "2025-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "trustyai-explainability: command injection via LMEvalJob CR"
},
{
"cve": "CVE-2025-12060",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-10-30T18:01:32.193676+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407443"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the keras Python library. when used with the extract=True option for tar archives, is vulnerable to a path traversal attack. The utility uses Python\u0027s tarfile.extractall function without the filter=\"data\" feature. A remote attacker can craft a malicious tar archive containing special symlinks, which, when extracted, allows them to write arbitrary files to any location on the filesystem outside of the intended destination folder.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keras: Keras Path Traversal Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12060"
},
{
"category": "external",
"summary": "RHBZ#2407443",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407443"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12060"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12060",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12060"
},
{
"category": "external",
"summary": "https://github.com/keras-team/keras/pull/21760",
"url": "https://github.com/keras-team/keras/pull/21760"
},
{
"category": "external",
"summary": "https://github.com/keras-team/keras/security/advisories/GHSA-hjqc-jx6g-rwp9",
"url": "https://github.com/keras-team/keras/security/advisories/GHSA-hjqc-jx6g-rwp9"
}
],
"release_date": "2025-10-30T17:10:43.868000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keras: Keras Path Traversal Vulnerability"
},
{
"cve": "CVE-2025-12638",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-11-28T15:01:10.693633+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417711"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in Keras. The vulnerability arises because the function uses Python\u0027s tarfile.extractall() method without the security-critical filter=\u0027data\u0027 parameter. Although Keras attempts to filter unsafe paths using filter_safe_paths(), this filtering occurs before extraction, and a PATH_MAX symlink resolution bug triggers during extraction. This bug causes symlink resolution to fail due to path length limits, resulting in a security bypass that allows files to be written outside the intended extraction directory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keras: Path Traversal Vulnerability in keras",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12638"
},
{
"category": "external",
"summary": "RHBZ#2417711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417711"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12638"
},
{
"category": "external",
"summary": "https://github.com/keras-team/keras/commit/47fcb397ee4caffd5a75efd1fa3067559594e951",
"url": "https://github.com/keras-team/keras/commit/47fcb397ee4caffd5a75efd1fa3067559594e951"
},
{
"category": "external",
"summary": "https://huntr.com/bounties/f94f5beb-54d8-4e6a-8bac-86d9aee103f4",
"url": "https://huntr.com/bounties/f94f5beb-54d8-4e6a-8bac-86d9aee103f4"
}
],
"release_date": "2025-11-28T14:06:02.069000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keras: Path Traversal Vulnerability in keras"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66626",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"discovery_date": "2025-12-09T21:01:10.560389+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2420818"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal and arbitrary file overwrite vulnerability has been identified in Argo Workflows during the extraction of archived artifacts, where symbolic links inside a crafted archive are not safely validated before file extraction. An attacker could exploit this flaw by submitting a malicious archive containing symbolic links that point outside the intended extraction directory, causing files to be written or overwritten in unintended locations within the workflow pod. Successful exploitation may allow an attacker to overwrite execution control files and achieve arbitrary command execution during pod startup.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-workflows: argoproj/argo-workflows is vulnerable to RCE via ZipSlip and symbolic links",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has rated this issue as High severity (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H, 8.3) because an attacker with basic workflow submission privileges can supply a specially crafted archive that is automatically extracted without proper validation. The attack complexity is low and does not require user interaction once the malicious workflow is submitted. Successful exploitation allows arbitrary file overwrite within the affected pod, including critical execution files, which can result in code execution at pod startup. While the impact is generally limited to the compromised pod and does not directly lead to host-level compromise, the integrity and availability impacts within the container are significant, justifying a High severity rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66626"
},
{
"category": "external",
"summary": "RHBZ#2420818",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420818"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66626",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66626"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66626",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66626"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-p84v-gxvw-73pf",
"url": "https://github.com/advisories/GHSA-p84v-gxvw-73pf"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-workflows/blob/5291e0b01f94ba864f96f795bb500f2cfc5ad799/workflow/executor/executor.go#L1034-L1037",
"url": "https://github.com/argoproj/argo-workflows/blob/5291e0b01f94ba864f96f795bb500f2cfc5ad799/workflow/executor/executor.go#L1034-L1037"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-workflows/commit/6b92af23f35aed4d4de8b04adcaf19d68f006de1",
"url": "https://github.com/argoproj/argo-workflows/commit/6b92af23f35aed4d4de8b04adcaf19d68f006de1"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-xrqc-7xgx-c9vh",
"url": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-xrqc-7xgx-c9vh"
}
],
"release_date": "2025-12-09T20:19:14.680000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/argoproj/argo-workflows: argoproj/argo-workflows is vulnerable to RCE via ZipSlip and symbolic links"
},
{
"cve": "CVE-2025-68156",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-16T19:01:42.049157+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2422891"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Expr, an expression language and expression evaluation for Go. This vulnerability allows a denial of service (DoS) via recursive traversal over user-provided deeply nested or cyclic data structures without enforcing a maximum recursion depth, leading to a stack overflow panic and application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products utilizing the `Expr` Go library because it can lead to a denial-of-service. Exploitation requires an application to evaluate expressions against untrusted or insufficiently validated data structures containing deeply nested or cyclic references, which can cause a stack overflow and application crash. Products that do not process untrusted input with `Expr` are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "RHBZ#2422891",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422891"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68156"
},
{
"category": "external",
"summary": "https://github.com/expr-lang/expr/pull/870",
"url": "https://github.com/expr-lang/expr/pull/870"
},
{
"category": "external",
"summary": "https://github.com/expr-lang/expr/security/advisories/GHSA-cfpf-hrx2-8rv6",
"url": "https://github.com/expr-lang/expr/security/advisories/GHSA-cfpf-hrx2-8rv6"
}
],
"release_date": "2025-12-16T18:24:11.648000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications using the `Expr` library should ensure that evaluation environments do not contain cyclic references. Additionally, externally supplied data structures must be validated or sanitized before being passed to `Expr` for evaluation. As a last-resort defensive measure, expression evaluation can be wrapped with panic recovery to prevent a full process crash.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation"
},
{
"cve": "CVE-2025-69873",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-11T19:01:32.953264+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439070"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp() constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS (Regular Expression Denial of Service), causing the application to become unresponsive and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ajv: ReDoS via $data reference",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, the $data option must be enabled and the attacker needs to be able to send a payload with a specially crafted regular expression to the application processing the input. A 31-character payload causes approximately 44 seconds of execution, with each additional character doubling the execution time. Therefore, even a small payload can cause an application to become unresponsive and eventually result in a denial of service. Due to this reason, this flaw has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69873"
},
{
"category": "external",
"summary": "RHBZ#2439070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439070"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69873"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873"
},
{
"category": "external",
"summary": "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md",
"url": "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md"
}
],
"release_date": "2026-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the $data feature if your application does not require it. If $data must be used, implement strict validation of the input fields that are referenced by the pattern keyword to ensure they contain only expected and safe characters.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ajv: ReDoS via $data reference"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"cve": "CVE-2026-25223",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2026-02-03T22:01:19.884891+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436560"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fastify, a web framework for Node.js. A remote attacker can exploit a validation bypass vulnerability by appending a tab character followed by arbitrary content to the Content-Type header. This circumvents the request body validation schemas, allowing the server to process the body as the original content type without proper validation. This could lead to unexpected data processing and potential integrity impact.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Fastify: Fastify: Validation bypass due to malformed Content-Type header leading to integrity impact",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This IMPORTANT vulnerability in Fastify, a Node.js web framework, allows remote attackers to bypass request body validation by manipulating the Content-Type header. This can lead to unexpected data processing and integrity issues in applications. Red Hat products such as Red Hat Enterprise Linux AI, Red Hat OpenShift AI, and Red Hat OpenShift Dev Spaces are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25223"
},
{
"category": "external",
"summary": "RHBZ#2436560",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436560"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25223",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25223"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25223",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25223"
},
{
"category": "external",
"summary": "https://fastify.dev/docs/latest/Reference/Validation-and-Serialization",
"url": "https://fastify.dev/docs/latest/Reference/Validation-and-Serialization"
},
{
"category": "external",
"summary": "https://github.com/fastify/fastify/blob/759e9787b5669abf953068e42a17bffba7521348/lib/content-type-parser.js#L125",
"url": "https://github.com/fastify/fastify/blob/759e9787b5669abf953068e42a17bffba7521348/lib/content-type-parser.js#L125"
},
{
"category": "external",
"summary": "https://github.com/fastify/fastify/blob/759e9787b5669abf953068e42a17bffba7521348/lib/validation.js#L272",
"url": "https://github.com/fastify/fastify/blob/759e9787b5669abf953068e42a17bffba7521348/lib/validation.js#L272"
},
{
"category": "external",
"summary": "https://github.com/fastify/fastify/commit/32d7b6add39ddf082d92579a58bea7018c5ac821",
"url": "https://github.com/fastify/fastify/commit/32d7b6add39ddf082d92579a58bea7018c5ac821"
},
{
"category": "external",
"summary": "https://github.com/fastify/fastify/security/advisories/GHSA-jx2c-rxcm-jvmq",
"url": "https://github.com/fastify/fastify/security/advisories/GHSA-jx2c-rxcm-jvmq"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3464114",
"url": "https://hackerone.com/reports/3464114"
}
],
"release_date": "2026-02-03T21:21:40.268000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Fastify: Fastify: Validation bypass due to malformed Content-Type header leading to integrity impact"
},
{
"cve": "CVE-2026-25639",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-02-09T21:00:49.280114+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438237"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the Axios npm package. the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25639"
},
{
"category": "external",
"summary": "RHBZ#2438237",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438237"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25639",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25639"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25639",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25639"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57",
"url": "https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.13.5",
"url": "https://github.com/axios/axios/releases/tag/v1.13.5"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433",
"url": "https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433"
}
],
"release_date": "2026-02-09T20:11:22.374000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig"
},
{
"cve": "CVE-2026-29074",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "svgo: SVGO: Denial of Service via XML entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "RHBZ#2445132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
"url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
}
],
"release_date": "2026-03-06T07:23:05.716000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "svgo: SVGO: Denial of Service via XML entity expansion"
},
{
"cve": "CVE-2026-32141",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T19:01:30.987208+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447083"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the flatted npm library. flatted\u0027s parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flatted: flatted: Unbounded recursion DoS in parse() revive phase",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "RHBZ#2447083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606",
"url": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/pull/88",
"url": "https://github.com/WebReflection/flatted/pull/88"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f",
"url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f"
}
],
"release_date": "2026-03-12T18:08:09.634000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "flatted: flatted: Unbounded recursion DoS in parse() revive phase"
}
]
}
RHSA-2026:7080
Vulnerability from csaf_redhat - Published: 2026-04-08 13:58 - Updated: 2026-07-01 00:12A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., "Content-Length" and "content-length"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named `__proto__`. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an application crash. This can result in a Denial of Service (DoS), making the affected service unavailable to users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the brace-expansion component. This denial of service (DoS) vulnerability allows a remote attacker to provide specially crafted input containing repeated numeric brace ranges. This input causes the library to attempt an unbounded expansion, consuming excessive CPU and memory resources. This can lead to a system crash, impacting the availability of the service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nodejs22 is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a platform built on Chrome\u0027s JavaScript runtime \\ for easily building fast, scalable network applications. \\ Node.js uses an event-driven, non-blocking I/O model that \\ makes it lightweight and efficient, perfect for data-intensive \\ real-time applications that run across distributed devices.\n\nSecurity Fix(es):\n\n* brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion (CVE-2026-25547)\n\n* minimatch: minimatch: Denial of Service via specially crafted glob patterns (CVE-2026-26996)\n\n* minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions (CVE-2026-27904)\n\n* undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression (CVE-2026-1526)\n\n* undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter (CVE-2026-2229)\n\n* undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers (CVE-2026-1525)\n\n* undici: undici: Denial of Service via crafted WebSocket frame with large length (CVE-2026-1528)\n\n* nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)\n\n* Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header (CVE-2026-21710)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:7080",
"url": "https://access.redhat.com/errata/RHSA-2026:7080"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2436942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436942"
},
{
"category": "external",
"summary": "2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "2442922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922"
},
{
"category": "external",
"summary": "2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "2448754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754"
},
{
"category": "external",
"summary": "2453151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7080.json"
}
],
"title": "Red Hat Security Advisory: nodejs22 security update",
"tracking": {
"current_release_date": "2026-07-01T00:12:28+00:00",
"generator": {
"date": "2026-07-01T00:12:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:7080",
"initial_release_date": "2026-04-08T13:58:58+00:00",
"revision_history": [
{
"date": "2026-04-08T13:58:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-08T13:58:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:12:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.el10_1.aarch64",
"product": {
"name": "nodejs-1:22.22.2-1.el10_1.aarch64",
"product_id": "nodejs-1:22.22.2-1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.el10_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"product": {
"name": "nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"product_id": "nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-1.el10_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"product_id": "nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-1.el10_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"product": {
"name": "nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"product_id": "nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-1.el10_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"product": {
"name": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"product_id": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-npm@10.9.7-1.22.22.2.1.el10_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"product": {
"name": "nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"product_id": "nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22-debugsource@22.22.2-1.el10_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"product_id": "nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-1.el10_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-1.el10_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"product": {
"name": "nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"product_id": "nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22-debuginfo@22.22.2-1.el10_1?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.el10_1.ppc64le",
"product": {
"name": "nodejs-1:22.22.2-1.el10_1.ppc64le",
"product_id": "nodejs-1:22.22.2-1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.el10_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"product": {
"name": "nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"product_id": "nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-1.el10_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"product_id": "nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-1.el10_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"product": {
"name": "nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"product_id": "nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-1.el10_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"product": {
"name": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"product_id": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-npm@10.9.7-1.22.22.2.1.el10_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"product": {
"name": "nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"product_id": "nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22-debugsource@22.22.2-1.el10_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"product_id": "nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-1.el10_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-1.el10_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"product": {
"name": "nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"product_id": "nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22-debuginfo@22.22.2-1.el10_1?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.el10_1.x86_64",
"product": {
"name": "nodejs-1:22.22.2-1.el10_1.x86_64",
"product_id": "nodejs-1:22.22.2-1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.el10_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"product": {
"name": "nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"product_id": "nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-1.el10_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"product_id": "nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-1.el10_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"product": {
"name": "nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"product_id": "nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-1.el10_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"product": {
"name": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"product_id": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-npm@10.9.7-1.22.22.2.1.el10_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64",
"product": {
"name": "nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64",
"product_id": "nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22-debugsource@22.22.2-1.el10_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"product_id": "nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-1.el10_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-1.el10_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"product": {
"name": "nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"product_id": "nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22-debuginfo@22.22.2-1.el10_1?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.el10_1.s390x",
"product": {
"name": "nodejs-1:22.22.2-1.el10_1.s390x",
"product_id": "nodejs-1:22.22.2-1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.el10_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-1.el10_1.s390x",
"product": {
"name": "nodejs-devel-1:22.22.2-1.el10_1.s390x",
"product_id": "nodejs-devel-1:22.22.2-1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-1.el10_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"product_id": "nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-1.el10_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-1.el10_1.s390x",
"product": {
"name": "nodejs-libs-1:22.22.2-1.el10_1.s390x",
"product_id": "nodejs-libs-1:22.22.2-1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-1.el10_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"product": {
"name": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"product_id": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-npm@10.9.7-1.22.22.2.1.el10_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"product": {
"name": "nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"product_id": "nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22-debugsource@22.22.2-1.el10_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"product_id": "nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-1.el10_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-1.el10_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"product": {
"name": "nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"product_id": "nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22-debuginfo@22.22.2-1.el10_1?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-docs-1:22.22.2-1.el10_1.noarch",
"product": {
"name": "nodejs-docs-1:22.22.2-1.el10_1.noarch",
"product_id": "nodejs-docs-1:22.22.2-1.el10_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@22.22.2-1.el10_1?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs22-1:22.22.2-1.el10_1.src",
"product": {
"name": "nodejs22-1:22.22.2-1.el10_1.src",
"product_id": "nodejs22-1:22.22.2-1.el10_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22@22.22.2-1.el10_1?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64"
},
"product_reference": "nodejs-1:22.22.2-1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le"
},
"product_reference": "nodejs-1:22.22.2-1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x"
},
"product_reference": "nodejs-1:22.22.2-1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64"
},
"product_reference": "nodejs-1:22.22.2-1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64"
},
"product_reference": "nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le"
},
"product_reference": "nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x"
},
"product_reference": "nodejs-devel-1:22.22.2-1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64"
},
"product_reference": "nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:22.22.2-1.el10_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch"
},
"product_reference": "nodejs-docs-1:22.22.2-1.el10_1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64"
},
"product_reference": "nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le"
},
"product_reference": "nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x"
},
"product_reference": "nodejs-libs-1:22.22.2-1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64"
},
"product_reference": "nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64"
},
"product_reference": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le"
},
"product_reference": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x"
},
"product_reference": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64"
},
"product_reference": "nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-1:22.22.2-1.el10_1.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src"
},
"product_reference": "nodejs22-1:22.22.2-1.el10_1.src",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64"
},
"product_reference": "nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le"
},
"product_reference": "nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x"
},
"product_reference": "nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64"
},
"product_reference": "nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64"
},
"product_reference": "nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le"
},
"product_reference": "nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-debugsource-1:22.22.2-1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x"
},
"product_reference": "nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
},
"product_reference": "nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-1525",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-12T21:01:33.639277+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447144"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., \"Content-Length\" and \"content-length\"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate impact. A flaw in the undici Node.js HTTP/1.1 client allows for HTTP Request Smuggling or Denial of Service. This can occur in Red Hat products that use undici and process HTTP requests where user-controlled header names are not case-normalized, or headers are passed as flat arrays.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "RHBZ#2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/444.html",
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3556037",
"url": "https://hackerone.com/reports/3556037"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
}
],
"release_date": "2026-03-12T19:56:55.092000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:58:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:58:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:58:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:58:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"cve": "CVE-2026-21710",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-03-30T20:01:21.196629+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453151"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named `__proto__`. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an application crash. This can result in a Denial of Service (DoS), making the affected service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21710"
},
{
"category": "external",
"summary": "RHBZ#2453151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.558000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:58:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header"
},
{
"cve": "CVE-2026-25547",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-02-04T22:01:11.784120+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436942"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the brace-expansion component. This denial of service (DoS) vulnerability allows a remote attacker to provide specially crafted input containing repeated numeric brace ranges. This input causes the library to attempt an unbounded expansion, consuming excessive CPU and memory resources. This can lead to a system crash, impacting the availability of the service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25547"
},
{
"category": "external",
"summary": "RHBZ#2436942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25547",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547"
},
{
"category": "external",
"summary": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2",
"url": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2"
}
],
"release_date": "2026-02-04T21:51:17.198000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:58:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7080"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion"
},
{
"cve": "CVE-2026-26996",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-20T04:01:11.896063+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441268"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: minimatch: Denial of Service via specially crafted glob patterns",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26996"
},
{
"category": "external",
"summary": "RHBZ#2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26996"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5",
"url": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26"
}
],
"release_date": "2026-02-20T03:05:21.105000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:58:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7080"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: minimatch: Denial of Service via specially crafted glob patterns"
},
{
"cve": "CVE-2026-27135",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-18T19:02:13.823002+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448754"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27135"
},
{
"category": "external",
"summary": "RHBZ#2448754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27135",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1",
"url": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6",
"url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6"
}
],
"release_date": "2026-03-18T17:59:02.045000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:58:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7080"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination"
},
{
"cve": "CVE-2026-27904",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-26T02:01:23.004531+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442922"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27904"
},
{
"category": "external",
"summary": "RHBZ#2442922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74"
}
],
"release_date": "2026-02-26T01:07:42.693000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:58:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7080"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-devel-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-docs-1:22.22.2-1.el10_1.noarch",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-full-i18n-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-libs-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.s390x",
"AppStream-10.1.Z:nodejs-npm-1:10.9.7-1.22.22.2.1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-1:22.22.2-1.el10_1.src",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debuginfo-1:22.22.2-1.el10_1.x86_64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.aarch64",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.s390x",
"AppStream-10.1.Z:nodejs22-debugsource-1:22.22.2-1.el10_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions"
}
]
}
RHSA-2026:7123
Vulnerability from csaf_redhat - Published: 2026-04-08 18:17 - Updated: 2026-07-01 00:12A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., "Content-Length" and "content-length"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named `__proto__`. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an application crash. This can result in a Denial of Service (DoS), making the affected service unavailable to users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the brace-expansion component. This denial of service (DoS) vulnerability allows a remote attacker to provide specially crafted input containing repeated numeric brace ranges. This input causes the library to attempt an unbounded expansion, consuming excessive CPU and memory resources. This can lead to a system crash, impacting the availability of the service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:22 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nSecurity Fix(es):\n\n* brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion (CVE-2026-25547)\n\n* minimatch: minimatch: Denial of Service via specially crafted glob patterns (CVE-2026-26996)\n\n* minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions (CVE-2026-27904)\n\n* undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression (CVE-2026-1526)\n\n* undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter (CVE-2026-2229)\n\n* undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers (CVE-2026-1525)\n\n* undici: undici: Denial of Service via crafted WebSocket frame with large length (CVE-2026-1528)\n\n* nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)\n\n* Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header (CVE-2026-21710)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:7123",
"url": "https://access.redhat.com/errata/RHSA-2026:7123"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2436942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436942"
},
{
"category": "external",
"summary": "2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "2442922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922"
},
{
"category": "external",
"summary": "2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "2448754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754"
},
{
"category": "external",
"summary": "2453151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151"
},
{
"category": "external",
"summary": "RHEL-154019",
"url": "https://issues.redhat.com/browse/RHEL-154019"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7123.json"
}
],
"title": "Red Hat Security Advisory: nodejs:22 security update",
"tracking": {
"current_release_date": "2026-07-01T00:12:28+00:00",
"generator": {
"date": "2026-07-01T00:12:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:7123",
"initial_release_date": "2026-04-08T18:17:58+00:00",
"revision_history": [
{
"date": "2026-04-08T18:17:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-08T18:17:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:12:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"product": {
"name": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src (nodejs:22)",
"product_id": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=src\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"product": {
"name": "nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src (nodejs:22)",
"product_id": "nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@3.0.1-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=src\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"product": {
"name": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src (nodejs:22)",
"product_id": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-6.module%2Bel8.10.0%2B24148%2B847b6786?arch=src\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"product": {
"name": "nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch (nodejs:22)",
"product_id": "nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=noarch\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"product": {
"name": "nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch (nodejs:22)",
"product_id": "nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@3.0.1-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=noarch\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"product": {
"name": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch (nodejs:22)",
"product_id": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-6.module%2Bel8.10.0%2B24148%2B847b6786?arch=noarch\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"product": {
"name": "nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch (nodejs:22)",
"product_id": "nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging-bundler@2021.06-6.module%2Bel8.10.0%2B24148%2B847b6786?arch=noarch\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product": {
"name": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22)",
"product_id": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22)",
"product_id": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22)",
"product_id": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product": {
"name": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22)",
"product_id": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22)",
"product_id": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product": {
"name": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22)",
"product_id": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22)",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22)",
"product_id": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@10.9.7-1.22.22.2.1.module%2Bel8.10.0%2B24148%2B847b6786?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22)",
"product_id": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-12.4-devel@12.4.254.21-1.22.22.2.1.module%2Bel8.10.0%2B24148%2B847b6786?arch=aarch64\u0026epoch=3\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product": {
"name": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22)",
"product_id": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22)",
"product_id": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22)",
"product_id": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product": {
"name": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22)",
"product_id": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22)",
"product_id": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product": {
"name": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22)",
"product_id": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22)",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22)",
"product_id": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@10.9.7-1.22.22.2.1.module%2Bel8.10.0%2B24148%2B847b6786?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22)",
"product_id": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-12.4-devel@12.4.254.21-1.22.22.2.1.module%2Bel8.10.0%2B24148%2B847b6786?arch=ppc64le\u0026epoch=3\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product": {
"name": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x (nodejs:22)",
"product_id": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x (nodejs:22)",
"product_id": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x (nodejs:22)",
"product_id": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product": {
"name": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x (nodejs:22)",
"product_id": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x (nodejs:22)",
"product_id": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product": {
"name": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x (nodejs:22)",
"product_id": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x (nodejs:22)",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x (nodejs:22)",
"product_id": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@10.9.7-1.22.22.2.1.module%2Bel8.10.0%2B24148%2B847b6786?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x (nodejs:22)",
"product_id": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-12.4-devel@12.4.254.21-1.22.22.2.1.module%2Bel8.10.0%2B24148%2B847b6786?arch=s390x\u0026epoch=3\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product": {
"name": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22)",
"product_id": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22)",
"product_id": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22)",
"product_id": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product": {
"name": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22)",
"product_id": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22)",
"product_id": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product": {
"name": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22)",
"product_id": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22)",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-1.module%2Bel8.10.0%2B24148%2B847b6786?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22)",
"product_id": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@10.9.7-1.22.22.2.1.module%2Bel8.10.0%2B24148%2B847b6786?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
},
{
"category": "product_version",
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22)",
"product_id": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-12.4-devel@12.4.254.21-1.22.22.2.1.module%2Bel8.10.0%2B24148%2B847b6786?arch=x86_64\u0026epoch=3\u0026rpmmod=nodejs:22:8100020260331102257:6d880403"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22"
},
"product_reference": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22"
},
"product_reference": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22"
},
"product_reference": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22"
},
"product_reference": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
},
"product_reference": "nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22"
},
"product_reference": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22"
},
"product_reference": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22"
},
"product_reference": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
},
"product_reference": "nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22"
},
"product_reference": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22"
},
"product_reference": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22"
},
"product_reference": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
},
"product_reference": "nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22"
},
"product_reference": "nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22"
},
"product_reference": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22"
},
"product_reference": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22"
},
"product_reference": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
},
"product_reference": "nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22"
},
"product_reference": "nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22"
},
"product_reference": "nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22"
},
"product_reference": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22"
},
"product_reference": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22"
},
"product_reference": "nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22"
},
"product_reference": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22"
},
"product_reference": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22"
},
"product_reference": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
},
"product_reference": "npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22"
},
"product_reference": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22"
},
"product_reference": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22"
},
"product_reference": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
},
"product_reference": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-1525",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-12T21:01:33.639277+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447144"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., \"Content-Length\" and \"content-length\"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate impact. A flaw in the undici Node.js HTTP/1.1 client allows for HTTP Request Smuggling or Denial of Service. This can occur in Red Hat products that use undici and process HTTP requests where user-controlled header names are not case-normalized, or headers are passed as flat arrays.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "RHBZ#2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/444.html",
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3556037",
"url": "https://hackerone.com/reports/3556037"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
}
],
"release_date": "2026-03-12T19:56:55.092000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T18:17:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7123"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T18:17:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7123"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T18:17:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7123"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T18:17:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7123"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"cve": "CVE-2026-21710",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-03-30T20:01:21.196629+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453151"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named `__proto__`. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an application crash. This can result in a Denial of Service (DoS), making the affected service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21710"
},
{
"category": "external",
"summary": "RHBZ#2453151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.558000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T18:17:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7123"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header"
},
{
"cve": "CVE-2026-25547",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-02-04T22:01:11.784120+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436942"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the brace-expansion component. This denial of service (DoS) vulnerability allows a remote attacker to provide specially crafted input containing repeated numeric brace ranges. This input causes the library to attempt an unbounded expansion, consuming excessive CPU and memory resources. This can lead to a system crash, impacting the availability of the service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25547"
},
{
"category": "external",
"summary": "RHBZ#2436942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25547",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547"
},
{
"category": "external",
"summary": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2",
"url": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2"
}
],
"release_date": "2026-02-04T21:51:17.198000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T18:17:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7123"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion"
},
{
"cve": "CVE-2026-26996",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-20T04:01:11.896063+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441268"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: minimatch: Denial of Service via specially crafted glob patterns",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26996"
},
{
"category": "external",
"summary": "RHBZ#2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26996"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5",
"url": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26"
}
],
"release_date": "2026-02-20T03:05:21.105000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T18:17:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7123"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: minimatch: Denial of Service via specially crafted glob patterns"
},
{
"cve": "CVE-2026-27135",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-18T19:02:13.823002+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448754"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27135"
},
{
"category": "external",
"summary": "RHBZ#2448754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27135",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1",
"url": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6",
"url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6"
}
],
"release_date": "2026-03-18T17:59:02.045000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T18:17:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7123"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination"
},
{
"cve": "CVE-2026-27904",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-26T02:01:23.004531+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442922"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27904"
},
{
"category": "external",
"summary": "RHBZ#2442922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74"
}
],
"release_date": "2026-02-26T01:07:42.693000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T18:17:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7123"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:22.22.2-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.1-1.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24148+847b6786.src::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24148+847b6786.noarch::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:10.9.7-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.aarch64::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.ppc64le::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.s390x::nodejs:22",
"AppStream-8.10.0.Z.MAIN.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el8.10.0+24148+847b6786.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions"
}
]
}
RHSA-2026:7302
Vulnerability from csaf_redhat - Published: 2026-04-09 13:04 - Updated: 2026-07-01 00:12A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., "Content-Length" and "content-length"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named `__proto__`. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an application crash. This can result in a Denial of Service (DoS), making the affected service unavailable to users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the brace-expansion component. This denial of service (DoS) vulnerability allows a remote attacker to provide specially crafted input containing repeated numeric brace ranges. This input causes the library to attempt an unbounded expansion, consuming excessive CPU and memory resources. This can lead to a system crash, impacting the availability of the service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:22 module is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nSecurity Fix(es):\n\n* brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion (CVE-2026-25547)\n\n* minimatch: minimatch: Denial of Service via specially crafted glob patterns (CVE-2026-26996)\n\n* minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions (CVE-2026-27904)\n\n* undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression (CVE-2026-1526)\n\n* undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter (CVE-2026-2229)\n\n* undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers (CVE-2026-1525)\n\n* undici: undici: Denial of Service via crafted WebSocket frame with large length (CVE-2026-1528)\n\n* nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)\n\n* Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header (CVE-2026-21710)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:7302",
"url": "https://access.redhat.com/errata/RHSA-2026:7302"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2436942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436942"
},
{
"category": "external",
"summary": "2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "2442922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922"
},
{
"category": "external",
"summary": "2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "2448754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754"
},
{
"category": "external",
"summary": "2453151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7302.json"
}
],
"title": "Red Hat Security Advisory: nodejs:22 security update",
"tracking": {
"current_release_date": "2026-07-01T00:12:28+00:00",
"generator": {
"date": "2026-07-01T00:12:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:7302",
"initial_release_date": "2026-04-09T13:04:58+00:00",
"revision_history": [
{
"date": "2026-04-09T13:04:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-09T13:04:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:12:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"product": {
"name": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src (nodejs:22)",
"product_id": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=src\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"product": {
"name": "nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src (nodejs:22)",
"product_id": "nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@3.0.1-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=src\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"product": {
"name": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src (nodejs:22)",
"product_id": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-6.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=src\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"product": {
"name": "nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch (nodejs:22)",
"product_id": "nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=noarch\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"product": {
"name": "nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch (nodejs:22)",
"product_id": "nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@3.0.1-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=noarch\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"product": {
"name": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch (nodejs:22)",
"product_id": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-6.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=noarch\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"product": {
"name": "nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch (nodejs:22)",
"product_id": "nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging-bundler@2021.06-6.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=noarch\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product": {
"name": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22)",
"product_id": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22)",
"product_id": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22)",
"product_id": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product": {
"name": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22)",
"product_id": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22)",
"product_id": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product": {
"name": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22)",
"product_id": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22)",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22)",
"product_id": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@10.9.7-1.22.22.2.1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22)",
"product_id": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-12.4-devel@12.4.254.21-1.22.22.2.1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=aarch64\u0026epoch=3\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product": {
"name": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22)",
"product_id": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22)",
"product_id": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22)",
"product_id": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product": {
"name": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22)",
"product_id": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22)",
"product_id": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product": {
"name": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22)",
"product_id": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22)",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22)",
"product_id": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@10.9.7-1.22.22.2.1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22)",
"product_id": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-12.4-devel@12.4.254.21-1.22.22.2.1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=ppc64le\u0026epoch=3\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product": {
"name": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22)",
"product_id": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22)",
"product_id": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22)",
"product_id": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product": {
"name": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22)",
"product_id": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22)",
"product_id": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product": {
"name": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22)",
"product_id": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22)",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22)",
"product_id": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@10.9.7-1.22.22.2.1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22)",
"product_id": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-12.4-devel@12.4.254.21-1.22.22.2.1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=s390x\u0026epoch=3\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product": {
"name": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22)",
"product_id": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22)",
"product_id": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22)",
"product_id": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product": {
"name": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22)",
"product_id": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22)",
"product_id": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product": {
"name": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22)",
"product_id": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22)",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22)",
"product_id": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@10.9.7-1.22.22.2.1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
},
{
"category": "product_version",
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22)",
"product_id": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-12.4-devel@12.4.254.21-1.22.22.2.1.module%2Bel9.7.0%2B24157%2B8ddb2461?arch=x86_64\u0026epoch=3\u0026rpmmod=nodejs:22:9070020260401095228:rhel9"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22"
},
"product_reference": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22"
},
"product_reference": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22"
},
"product_reference": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22"
},
"product_reference": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
},
"product_reference": "nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22"
},
"product_reference": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22"
},
"product_reference": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22"
},
"product_reference": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
},
"product_reference": "nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22"
},
"product_reference": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22"
},
"product_reference": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22"
},
"product_reference": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
},
"product_reference": "nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22"
},
"product_reference": "nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22"
},
"product_reference": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22"
},
"product_reference": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22"
},
"product_reference": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
},
"product_reference": "nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22"
},
"product_reference": "nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22"
},
"product_reference": "nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22"
},
"product_reference": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22"
},
"product_reference": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22"
},
"product_reference": "nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22"
},
"product_reference": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22"
},
"product_reference": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22"
},
"product_reference": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
},
"product_reference": "npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22"
},
"product_reference": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22"
},
"product_reference": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22"
},
"product_reference": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
},
"product_reference": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-1525",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-12T21:01:33.639277+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447144"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., \"Content-Length\" and \"content-length\"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate impact. A flaw in the undici Node.js HTTP/1.1 client allows for HTTP Request Smuggling or Denial of Service. This can occur in Red Hat products that use undici and process HTTP requests where user-controlled header names are not case-normalized, or headers are passed as flat arrays.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "RHBZ#2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/444.html",
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3556037",
"url": "https://hackerone.com/reports/3556037"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
}
],
"release_date": "2026-03-12T19:56:55.092000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:04:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7302"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:04:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7302"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:04:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7302"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:04:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7302"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"cve": "CVE-2026-21710",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-03-30T20:01:21.196629+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453151"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named `__proto__`. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an application crash. This can result in a Denial of Service (DoS), making the affected service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21710"
},
{
"category": "external",
"summary": "RHBZ#2453151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.558000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:04:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7302"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header"
},
{
"cve": "CVE-2026-25547",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-02-04T22:01:11.784120+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436942"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the brace-expansion component. This denial of service (DoS) vulnerability allows a remote attacker to provide specially crafted input containing repeated numeric brace ranges. This input causes the library to attempt an unbounded expansion, consuming excessive CPU and memory resources. This can lead to a system crash, impacting the availability of the service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25547"
},
{
"category": "external",
"summary": "RHBZ#2436942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25547",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547"
},
{
"category": "external",
"summary": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2",
"url": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2"
}
],
"release_date": "2026-02-04T21:51:17.198000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:04:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7302"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion"
},
{
"cve": "CVE-2026-26996",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-20T04:01:11.896063+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441268"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: minimatch: Denial of Service via specially crafted glob patterns",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26996"
},
{
"category": "external",
"summary": "RHBZ#2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26996"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5",
"url": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26"
}
],
"release_date": "2026-02-20T03:05:21.105000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:04:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7302"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: minimatch: Denial of Service via specially crafted glob patterns"
},
{
"cve": "CVE-2026-27135",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-18T19:02:13.823002+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448754"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27135"
},
{
"category": "external",
"summary": "RHBZ#2448754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27135",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1",
"url": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6",
"url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6"
}
],
"release_date": "2026-03-18T17:59:02.045000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:04:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7302"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination"
},
{
"cve": "CVE-2026-27904",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-26T02:01:23.004531+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442922"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27904"
},
{
"category": "external",
"summary": "RHBZ#2442922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74"
}
],
"release_date": "2026-02-26T01:07:42.693000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:04:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7302"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.1-1.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24157+8ddb2461.src::nodejs:22",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24157+8ddb2461.noarch::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:npm-1:10.9.7-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.aarch64::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.ppc64le::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.s390x::nodejs:22",
"AppStream-9.7.0.Z.MAIN:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.7.0+24157+8ddb2461.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions"
}
]
}
RHSA-2026:7310
Vulnerability from csaf_redhat - Published: 2026-04-09 13:38 - Updated: 2026-07-01 00:12A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., "Content-Length" and "content-length"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named `__proto__`. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an application crash. This can result in a Denial of Service (DoS), making the affected service unavailable to users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the brace-expansion component. This denial of service (DoS) vulnerability allows a remote attacker to provide specially crafted input containing repeated numeric brace ranges. This input causes the library to attempt an unbounded expansion, consuming excessive CPU and memory resources. This can lead to a system crash, impacting the availability of the service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nodejs22 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a platform built on Chrome\u0027s JavaScript runtime \\ for easily building fast, scalable network applications. \\ Node.js uses an event-driven, non-blocking I/O model that \\ makes it lightweight and efficient, perfect for data-intensive \\ real-time applications that run across distributed devices.\n\nSecurity Fix(es):\n\n* minimatch: minimatch: Denial of Service via specially crafted glob patterns (CVE-2026-26996)\n\n* minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions (CVE-2026-27904)\n\n* undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression (CVE-2026-1526)\n\n* undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter (CVE-2026-2229)\n\n* undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers (CVE-2026-1525)\n\n* undici: undici: Denial of Service via crafted WebSocket frame with large length (CVE-2026-1528)\n\n* nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)\n\n* Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header (CVE-2026-21710)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:7310",
"url": "https://access.redhat.com/errata/RHSA-2026:7310"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "2442922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922"
},
{
"category": "external",
"summary": "2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "2448754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754"
},
{
"category": "external",
"summary": "2453151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7310.json"
}
],
"title": "Red Hat Security Advisory: nodejs22 security update",
"tracking": {
"current_release_date": "2026-07-01T00:12:29+00:00",
"generator": {
"date": "2026-07-01T00:12:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:7310",
"initial_release_date": "2026-04-09T13:38:21+00:00",
"revision_history": [
{
"date": "2026-04-09T13:38:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-09T13:38:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:12:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-2.el10_0.x86_64",
"product": {
"name": "nodejs-1:22.22.2-2.el10_0.x86_64",
"product_id": "nodejs-1:22.22.2-2.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-2.el10_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"product": {
"name": "nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"product_id": "nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-2.el10_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"product_id": "nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-2.el10_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"product": {
"name": "nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"product_id": "nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-2.el10_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"product": {
"name": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"product_id": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-npm@10.9.7-1.22.22.2.2.el10_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64",
"product": {
"name": "nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64",
"product_id": "nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22-debugsource@22.22.2-2.el10_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"product_id": "nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-2.el10_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-2.el10_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"product": {
"name": "nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"product_id": "nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22-debuginfo@22.22.2-2.el10_0?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-2.el10_0.aarch64",
"product": {
"name": "nodejs-1:22.22.2-2.el10_0.aarch64",
"product_id": "nodejs-1:22.22.2-2.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-2.el10_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"product": {
"name": "nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"product_id": "nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-2.el10_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"product_id": "nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-2.el10_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"product": {
"name": "nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"product_id": "nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-2.el10_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"product": {
"name": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"product_id": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-npm@10.9.7-1.22.22.2.2.el10_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"product": {
"name": "nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"product_id": "nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22-debugsource@22.22.2-2.el10_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"product_id": "nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-2.el10_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-2.el10_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"product": {
"name": "nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"product_id": "nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22-debuginfo@22.22.2-2.el10_0?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-2.el10_0.ppc64le",
"product": {
"name": "nodejs-1:22.22.2-2.el10_0.ppc64le",
"product_id": "nodejs-1:22.22.2-2.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-2.el10_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"product": {
"name": "nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"product_id": "nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-2.el10_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"product_id": "nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-2.el10_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"product": {
"name": "nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"product_id": "nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-2.el10_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"product": {
"name": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"product_id": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-npm@10.9.7-1.22.22.2.2.el10_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"product": {
"name": "nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"product_id": "nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22-debugsource@22.22.2-2.el10_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"product_id": "nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-2.el10_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-2.el10_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"product": {
"name": "nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"product_id": "nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22-debuginfo@22.22.2-2.el10_0?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-2.el10_0.s390x",
"product": {
"name": "nodejs-1:22.22.2-2.el10_0.s390x",
"product_id": "nodejs-1:22.22.2-2.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-2.el10_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-2.el10_0.s390x",
"product": {
"name": "nodejs-devel-1:22.22.2-2.el10_0.s390x",
"product_id": "nodejs-devel-1:22.22.2-2.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-2.el10_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"product_id": "nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-2.el10_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-2.el10_0.s390x",
"product": {
"name": "nodejs-libs-1:22.22.2-2.el10_0.s390x",
"product_id": "nodejs-libs-1:22.22.2-2.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-2.el10_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"product": {
"name": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"product_id": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-npm@10.9.7-1.22.22.2.2.el10_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"product": {
"name": "nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"product_id": "nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22-debugsource@22.22.2-2.el10_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"product_id": "nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-2.el10_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-2.el10_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"product": {
"name": "nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"product_id": "nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22-debuginfo@22.22.2-2.el10_0?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-docs-1:22.22.2-2.el10_0.noarch",
"product": {
"name": "nodejs-docs-1:22.22.2-2.el10_0.noarch",
"product_id": "nodejs-docs-1:22.22.2-2.el10_0.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@22.22.2-2.el10_0?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs22-1:22.22.2-2.el10_0.src",
"product": {
"name": "nodejs22-1:22.22.2-2.el10_0.src",
"product_id": "nodejs22-1:22.22.2-2.el10_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs22@22.22.2-2.el10_0?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-2.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64"
},
"product_reference": "nodejs-1:22.22.2-2.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-2.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le"
},
"product_reference": "nodejs-1:22.22.2-2.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-2.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x"
},
"product_reference": "nodejs-1:22.22.2-2.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-2.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64"
},
"product_reference": "nodejs-1:22.22.2-2.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-2.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-2.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64"
},
"product_reference": "nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-2.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le"
},
"product_reference": "nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-2.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x"
},
"product_reference": "nodejs-devel-1:22.22.2-2.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-2.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64"
},
"product_reference": "nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:22.22.2-2.el10_0.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch"
},
"product_reference": "nodejs-docs-1:22.22.2-2.el10_0.noarch",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-2.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-2.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64"
},
"product_reference": "nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-2.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le"
},
"product_reference": "nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-2.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x"
},
"product_reference": "nodejs-libs-1:22.22.2-2.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-2.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64"
},
"product_reference": "nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64"
},
"product_reference": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le"
},
"product_reference": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x"
},
"product_reference": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64"
},
"product_reference": "nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-1:22.22.2-2.el10_0.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src"
},
"product_reference": "nodejs22-1:22.22.2-2.el10_0.src",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64"
},
"product_reference": "nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le"
},
"product_reference": "nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x"
},
"product_reference": "nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64"
},
"product_reference": "nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64"
},
"product_reference": "nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le"
},
"product_reference": "nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-debugsource-1:22.22.2-2.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x"
},
"product_reference": "nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
},
"product_reference": "nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-1525",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-12T21:01:33.639277+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447144"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., \"Content-Length\" and \"content-length\"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate impact. A flaw in the undici Node.js HTTP/1.1 client allows for HTTP Request Smuggling or Denial of Service. This can occur in Red Hat products that use undici and process HTTP requests where user-controlled header names are not case-normalized, or headers are passed as flat arrays.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "RHBZ#2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/444.html",
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3556037",
"url": "https://hackerone.com/reports/3556037"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
}
],
"release_date": "2026-03-12T19:56:55.092000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:38:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7310"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:38:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7310"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:38:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7310"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:38:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7310"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"cve": "CVE-2026-21710",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-03-30T20:01:21.196629+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453151"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named `__proto__`. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an application crash. This can result in a Denial of Service (DoS), making the affected service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21710"
},
{
"category": "external",
"summary": "RHBZ#2453151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.558000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:38:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7310"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header"
},
{
"cve": "CVE-2026-25547",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-02-04T22:01:11.784120+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436942"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the brace-expansion component. This denial of service (DoS) vulnerability allows a remote attacker to provide specially crafted input containing repeated numeric brace ranges. This input causes the library to attempt an unbounded expansion, consuming excessive CPU and memory resources. This can lead to a system crash, impacting the availability of the service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25547"
},
{
"category": "external",
"summary": "RHBZ#2436942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25547",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547"
},
{
"category": "external",
"summary": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2",
"url": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2"
}
],
"release_date": "2026-02-04T21:51:17.198000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:38:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7310"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion"
},
{
"cve": "CVE-2026-26996",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-20T04:01:11.896063+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441268"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: minimatch: Denial of Service via specially crafted glob patterns",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26996"
},
{
"category": "external",
"summary": "RHBZ#2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26996"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5",
"url": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26"
}
],
"release_date": "2026-02-20T03:05:21.105000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:38:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7310"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: minimatch: Denial of Service via specially crafted glob patterns"
},
{
"cve": "CVE-2026-27135",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-18T19:02:13.823002+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448754"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27135"
},
{
"category": "external",
"summary": "RHBZ#2448754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27135",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1",
"url": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6",
"url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6"
}
],
"release_date": "2026-03-18T17:59:02.045000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:38:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7310"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination"
},
{
"cve": "CVE-2026-27904",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-26T02:01:23.004531+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442922"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27904"
},
{
"category": "external",
"summary": "RHBZ#2442922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74"
}
],
"release_date": "2026-02-26T01:07:42.693000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T13:38:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7310"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-devel-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-docs-1:22.22.2-2.el10_0.noarch",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-full-i18n-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-libs-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs-npm-1:10.9.7-1.22.22.2.2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-1:22.22.2-2.el10_0.src",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debuginfo-1:22.22.2-2.el10_0.x86_64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.aarch64",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.s390x",
"AppStream-10.0.Z.E2S:nodejs22-debugsource-1:22.22.2-2.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions"
}
]
}
RHSA-2026:7350
Vulnerability from csaf_redhat - Published: 2026-04-09 20:27 - Updated: 2026-07-01 00:12A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., "Content-Length" and "content-length"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici, a Node.js HTTP/1.1 client. This vulnerability allows a remote attacker to inject malicious data into HTTP headers or prematurely end HTTP requests by sending specially crafted input to the `upgrade` option of `client.request()`. This is possible because undici does not properly validate input for invalid header characters, which could lead to unauthorized information disclosure or bypassing of security controls.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Undici. When the `interceptors.deduplicate()` feature is enabled, response data for deduplicated requests can accumulate in memory. A remote attacker, by sending large or chunked responses and concurrent identical requests from an untrusted endpoint, can exploit this uncontrolled resource consumption. This leads to high memory usage and potential Out-Of-Memory (OOM) process termination, resulting in a Denial of Service (DoS) for the application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when `pskCallback` or `ALPNCallback` are in use. Synchronous exceptions thrown during these callbacks bypass standard TLS error handling paths (tlsClientError and error), causing either immediate process termination or silent file descriptor leaks that eventually lead to denial of service. Because these callbacks process attacker-controlled input during the TLS handshake, a remote client can repeatedly trigger the issue. This vulnerability affects TLS servers using PSK or ALPN callbacks across Node.js versions where these callbacks throw without being safely wrapped.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named `__proto__`. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an application crash. This can result in a Denial of Service (DoS), making the affected service unavailable to users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. The Node.js Permission Model, designed to restrict network access, incorrectly omits permission checks for Unix Domain Socket (UDS) server operations. This allows local code, even when explicitly denied network access, to create and expose inter-process communication (IPC) endpoints. As a result, unauthorized communication can occur between processes on the same host, bypassing the intended network security restrictions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. This vulnerability allows an attacker to cause a Denial of Service (DoS) by providing a malformed Internationalized Domain Name (IDN) to the `url.format()` function. When processed, this malformed input triggers an internal error, causing the Node.js application to crash. This can disrupt services and make them unavailable.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. The HMAC (Hash-based Message Authentication Code) verification process uses a comparison method that does not take a constant amount of time. This non-constant-time comparison can leak timing information, which, under specific conditions where precise timing measurements are possible, could be exploited by a remote attacker. This allows the attacker to infer sensitive HMAC values, leading to information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. A remote attacker can exploit this vulnerability in Node.js HTTP/2 servers by sending specially crafted WINDOW_UPDATE frames on stream 0 (connection-level). These frames can cause the flow control window to exceed its maximum value, leading to a memory leak as Http2Session objects are not properly cleaned up. This can result in resource exhaustion and a Denial of Service (DoS) condition for the server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. The Node.js Permission Model, intended to restrict filesystem access, does not properly enforce read permission checks for the `fs.realpathSync.native()` function. This vulnerability allows code operating under `--permission` with restricted `--allow-fs-read` flags to bypass security controls. Consequently, an attacker can use `fs.realpathSync.native()` to determine file existence, resolve symbolic link targets, and enumerate filesystem paths outside of permitted directories, leading to information disclosure.
CWE-425 - Direct Request ('Forced Browsing')| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. An incomplete security fix allows code operating under restricted file system write permissions to bypass these limitations. This vulnerability enables the modification of file permissions and ownership on already-open files, even when explicit write access is denied. Such a bypass could lead to unauthorized changes to system files.
CWE-279 - Incorrect Execution-Assigned Permissions| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in V8's string hashing mechanism within Node.js. A remote attacker can exploit this vulnerability by crafting requests containing integer-like strings. These specially crafted strings cause predictable hash collisions in V8's internal string table, particularly when processed by functions like JSON.parse() on attacker-controlled input. This can significantly degrade the performance of the Node.js process, leading to a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the brace-expansion component. This denial of service (DoS) vulnerability allows a remote attacker to provide specially crafted input containing repeated numeric brace ranges. This input causes the library to attempt an unbounded expansion, consuming excessive CPU and memory resources. This can lead to a system crash, impacting the availability of the service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:24 module is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nSecurity Fix(es):\n\n* nodejs: Nodejs denial of service (CVE-2026-21637)\n\n* brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion (CVE-2026-25547)\n\n* minimatch: minimatch: Denial of Service via specially crafted glob patterns (CVE-2026-26996)\n\n* undici: Undici: Denial of Service due to uncontrolled resource consumption (CVE-2026-2581)\n\n* undici: Undici: HTTP header injection and request smuggling vulnerability (CVE-2026-1527)\n\n* undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression (CVE-2026-1526)\n\n* undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter (CVE-2026-2229)\n\n* undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers (CVE-2026-1525)\n\n* undici: undici: Denial of Service via crafted WebSocket frame with large length (CVE-2026-1528)\n\n* nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)\n\n* Node.js: Node.js: Denial of Service via malformed Internationalized Domain Name processing (CVE-2026-21712)\n\n* Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header (CVE-2026-21710)\n\n* Node.js: Node.js: Information disclosure due to `fs.realpathSync.native()` bypassing filesystem read restrictions (CVE-2026-21715)\n\n* nodejs: Node.js: Permission bypass allows unauthorized modification of file permissions and ownership via incomplete security fix. (CVE-2026-21716)\n\n* Node.js: Node.js: Unauthorized inter-process communication due to missing Unix Domain Socket permission checks (CVE-2026-21711)\n\n* Node.js: Node.js: Information disclosure via timing oracle in HMAC verification (CVE-2026-21713)\n\n* Node.js: Node.js: Memory leak and Denial of Service via crafted HTTP/2 WINDOW_UPDATE frames (CVE-2026-21714)\n\n* nodejs: v8: Node.js: Denial of Service via V8 string hashing mechanism due to predictable hash collisions (CVE-2026-21717)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:7350",
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2431340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431340"
},
{
"category": "external",
"summary": "2436942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436942"
},
{
"category": "external",
"summary": "2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "2447140",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447140"
},
{
"category": "external",
"summary": "2447141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447141"
},
{
"category": "external",
"summary": "2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "2448754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754"
},
{
"category": "external",
"summary": "2453037",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453037"
},
{
"category": "external",
"summary": "2453151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151"
},
{
"category": "external",
"summary": "2453152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453152"
},
{
"category": "external",
"summary": "2453157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453157"
},
{
"category": "external",
"summary": "2453158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453158"
},
{
"category": "external",
"summary": "2453160",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453160"
},
{
"category": "external",
"summary": "2453161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453161"
},
{
"category": "external",
"summary": "2453162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453162"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7350.json"
}
],
"title": "Red Hat Security Advisory: nodejs:24 security update",
"tracking": {
"current_release_date": "2026-07-01T00:12:30+00:00",
"generator": {
"date": "2026-07-01T00:12:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:7350",
"initial_release_date": "2026-04-09T20:27:37+00:00",
"revision_history": [
{
"date": "2026-04-09T20:27:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-09T20:27:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:12:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"product": {
"name": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src (nodejs:24)",
"product_id": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=src\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"product": {
"name": "nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src (nodejs:24)",
"product_id": "nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@3.0.3-3.module%2Bel9.7.0%2B24166%2B51c9666b?arch=src\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"product": {
"name": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src (nodejs:24)",
"product_id": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-6.module%2Bel9.7.0%2B24166%2B51c9666b?arch=src\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"product": {
"name": "nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch (nodejs:24)",
"product_id": "nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=noarch\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"product": {
"name": "nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch (nodejs:24)",
"product_id": "nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@3.0.3-3.module%2Bel9.7.0%2B24166%2B51c9666b?arch=noarch\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"product": {
"name": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch (nodejs:24)",
"product_id": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-6.module%2Bel9.7.0%2B24166%2B51c9666b?arch=noarch\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"product": {
"name": "nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch (nodejs:24)",
"product_id": "nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging-bundler@2021.06-6.module%2Bel9.7.0%2B24166%2B51c9666b?arch=noarch\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"product": {
"name": "npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch (nodejs:24)",
"product_id": "npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@11.11.0-1.24.14.1.2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=noarch\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"product": {
"name": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64 (nodejs:24)",
"product_id": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"product": {
"name": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64 (nodejs:24)",
"product_id": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"product": {
"name": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64 (nodejs:24)",
"product_id": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"product": {
"name": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64 (nodejs:24)",
"product_id": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"product": {
"name": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64 (nodejs:24)",
"product_id": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"product": {
"name": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64 (nodejs:24)",
"product_id": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"product": {
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64 (nodejs:24)",
"product_id": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"product": {
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64 (nodejs:24)",
"product_id": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-13.6-devel@13.6.233.17-1.24.14.1.2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=aarch64\u0026epoch=3\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"product": {
"name": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le (nodejs:24)",
"product_id": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"product": {
"name": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le (nodejs:24)",
"product_id": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"product": {
"name": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le (nodejs:24)",
"product_id": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"product": {
"name": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le (nodejs:24)",
"product_id": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"product": {
"name": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le (nodejs:24)",
"product_id": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"product": {
"name": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le (nodejs:24)",
"product_id": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"product": {
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le (nodejs:24)",
"product_id": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"product": {
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le (nodejs:24)",
"product_id": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-13.6-devel@13.6.233.17-1.24.14.1.2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=ppc64le\u0026epoch=3\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"product": {
"name": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x (nodejs:24)",
"product_id": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"product": {
"name": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x (nodejs:24)",
"product_id": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"product": {
"name": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x (nodejs:24)",
"product_id": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"product": {
"name": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x (nodejs:24)",
"product_id": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"product": {
"name": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x (nodejs:24)",
"product_id": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"product": {
"name": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x (nodejs:24)",
"product_id": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"product": {
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x (nodejs:24)",
"product_id": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"product": {
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x (nodejs:24)",
"product_id": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-13.6-devel@13.6.233.17-1.24.14.1.2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=s390x\u0026epoch=3\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"product": {
"name": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64 (nodejs:24)",
"product_id": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"product": {
"name": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64 (nodejs:24)",
"product_id": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"product": {
"name": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64 (nodejs:24)",
"product_id": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"product": {
"name": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64 (nodejs:24)",
"product_id": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"product": {
"name": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64 (nodejs:24)",
"product_id": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"product": {
"name": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64 (nodejs:24)",
"product_id": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"product": {
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64 (nodejs:24)",
"product_id": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@24.14.1-2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
},
{
"category": "product_version",
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"product": {
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64 (nodejs:24)",
"product_id": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-13.6-devel@13.6.233.17-1.24.14.1.2.module%2Bel9.7.0%2B24166%2B51c9666b?arch=x86_64\u0026epoch=3\u0026rpmmod=nodejs:24:9070020260402152654:rhel9"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24"
},
"product_reference": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24"
},
"product_reference": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24"
},
"product_reference": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24"
},
"product_reference": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
},
"product_reference": "nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24"
},
"product_reference": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24"
},
"product_reference": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24"
},
"product_reference": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
},
"product_reference": "nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24"
},
"product_reference": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24"
},
"product_reference": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24"
},
"product_reference": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
},
"product_reference": "nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24"
},
"product_reference": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24"
},
"product_reference": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24"
},
"product_reference": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
},
"product_reference": "nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24"
},
"product_reference": "nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24"
},
"product_reference": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24"
},
"product_reference": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24"
},
"product_reference": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
},
"product_reference": "nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24"
},
"product_reference": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24"
},
"product_reference": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24"
},
"product_reference": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
},
"product_reference": "nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24"
},
"product_reference": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24"
},
"product_reference": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24"
},
"product_reference": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
},
"product_reference": "nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24"
},
"product_reference": "nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24"
},
"product_reference": "nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24"
},
"product_reference": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24"
},
"product_reference": "nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24"
},
"product_reference": "nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24"
},
"product_reference": "npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24"
},
"product_reference": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24"
},
"product_reference": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24"
},
"product_reference": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
},
"product_reference": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-1525",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-12T21:01:33.639277+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447144"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., \"Content-Length\" and \"content-length\"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate impact. A flaw in the undici Node.js HTTP/1.1 client allows for HTTP Request Smuggling or Denial of Service. This can occur in Red Hat products that use undici and process HTTP requests where user-controlled header names are not case-normalized, or headers are passed as flat arrays.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "RHBZ#2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/444.html",
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3556037",
"url": "https://hackerone.com/reports/3556037"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
}
],
"release_date": "2026-03-12T19:56:55.092000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1527",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-03-12T21:01:21.390673+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447141"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici, a Node.js HTTP/1.1 client. This vulnerability allows a remote attacker to inject malicious data into HTTP headers or prematurely end HTTP requests by sending specially crafted input to the `upgrade` option of `client.request()`. This is possible because undici does not properly validate input for invalid header characters, which could lead to unauthorized information disclosure or bypassing of security controls.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: HTTP header injection and request smuggling vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1527"
},
{
"category": "external",
"summary": "RHBZ#2447141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447141"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1527",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1527"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1527",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1527"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487198",
"url": "https://hackerone.com/reports/3487198"
}
],
"release_date": "2026-03-12T20:17:18.984000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: HTTP header injection and request smuggling vulnerability"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"cve": "CVE-2026-2581",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:10.589089+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447140"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undici. When the `interceptors.deduplicate()` feature is enabled, response data for deduplicated requests can accumulate in memory. A remote attacker, by sending large or chunked responses and concurrent identical requests from an untrusted endpoint, can exploit this uncontrolled resource consumption. This leads to high memory usage and potential Out-Of-Memory (OOM) process termination, resulting in a Denial of Service (DoS) for the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service due to uncontrolled resource consumption",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2581"
},
{
"category": "external",
"summary": "RHBZ#2447140",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447140"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2581",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2581"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2581",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2581"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3513473",
"url": "https://hackerone.com/reports/3513473"
}
],
"release_date": "2026-03-12T20:13:19.571000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: Denial of Service due to uncontrolled resource consumption"
},
{
"cve": "CVE-2026-21637",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-01-20T21:01:26.738343+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when `pskCallback` or `ALPNCallback` are in use. Synchronous exceptions thrown during these callbacks bypass standard TLS error handling paths (tlsClientError and error), causing either immediate process termination or silent file descriptor leaks that eventually lead to denial of service. Because these callbacks process attacker-controlled input during the TLS handshake, a remote client can repeatedly trigger the issue. This vulnerability affects TLS servers using PSK or ALPN callbacks across Node.js versions where these callbacks throw without being safely wrapped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Nodejs denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Systems configured according to Red Hat guidelines should have their services set to restart in the event of a process crash. This Host system service management mitigates the availability impact to Red Hat customers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21637"
},
{
"category": "external",
"summary": "RHBZ#2431340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21637",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21637"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/december-2025-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"
}
],
"release_date": "2026-01-20T20:41:55.352000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: Nodejs denial of service"
},
{
"cve": "CVE-2026-21710",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-03-30T20:01:21.196629+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453151"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named `__proto__`. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an application crash. This can result in a Denial of Service (DoS), making the affected service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21710"
},
{
"category": "external",
"summary": "RHBZ#2453151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.558000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header"
},
{
"cve": "CVE-2026-21711",
"cwe": {
"id": "CWE-940",
"name": "Improper Verification of Source of a Communication Channel"
},
"discovery_date": "2026-03-30T20:01:55.465001+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453158"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. The Node.js Permission Model, designed to restrict network access, incorrectly omits permission checks for Unix Domain Socket (UDS) server operations. This allows local code, even when explicitly denied network access, to create and expose inter-process communication (IPC) endpoints. As a result, unauthorized communication can occur between processes on the same host, bypassing the intended network security restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Unauthorized inter-process communication due to missing Unix Domain Socket permission checks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21711"
},
{
"category": "external",
"summary": "RHBZ#2453158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453158"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21711"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21711",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21711"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.526000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Node.js: Unauthorized inter-process communication due to missing Unix Domain Socket permission checks"
},
{
"cve": "CVE-2026-21712",
"cwe": {
"id": "CWE-168",
"name": "Improper Handling of Inconsistent Special Elements"
},
"discovery_date": "2026-03-30T16:02:27.812711+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453037"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. This vulnerability allows an attacker to cause a Denial of Service (DoS) by providing a malformed Internationalized Domain Name (IDN) to the `url.format()` function. When processed, this malformed input triggers an internal error, causing the Node.js application to crash. This can disrupt services and make them unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Denial of Service via malformed Internationalized Domain Name processing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21712"
},
{
"category": "external",
"summary": "RHBZ#2453037",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453037"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21712"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3546390",
"url": "https://hackerone.com/reports/3546390"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T15:13:59.172000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Node.js: Denial of Service via malformed Internationalized Domain Name processing"
},
{
"cve": "CVE-2026-21713",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2026-03-30T20:02:02.430513+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453160"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. The HMAC (Hash-based Message Authentication Code) verification process uses a comparison method that does not take a constant amount of time. This non-constant-time comparison can leak timing information, which, under specific conditions where precise timing measurements are possible, could be exploited by a remote attacker. This allows the attacker to infer sensitive HMAC values, leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Information disclosure via timing oracle in HMAC verification",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21713"
},
{
"category": "external",
"summary": "RHBZ#2453160",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453160"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21713",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21713"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21713",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21713"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.356000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Node.js: Information disclosure via timing oracle in HMAC verification"
},
{
"cve": "CVE-2026-21714",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-03-30T20:02:06.237456+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453161"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. A remote attacker can exploit this vulnerability in Node.js HTTP/2 servers by sending specially crafted WINDOW_UPDATE frames on stream 0 (connection-level). These frames can cause the flow control window to exceed its maximum value, leading to a memory leak as Http2Session objects are not properly cleaned up. This can result in resource exhaustion and a Denial of Service (DoS) condition for the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Memory leak and Denial of Service via crafted HTTP/2 WINDOW_UPDATE frames",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21714"
},
{
"category": "external",
"summary": "RHBZ#2453161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453161"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21714"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.317000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Node.js: Memory leak and Denial of Service via crafted HTTP/2 WINDOW_UPDATE frames"
},
{
"cve": "CVE-2026-21715",
"cwe": {
"id": "CWE-425",
"name": "Direct Request (\u0027Forced Browsing\u0027)"
},
"discovery_date": "2026-03-30T20:01:25.714444+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. The Node.js Permission Model, intended to restrict filesystem access, does not properly enforce read permission checks for the `fs.realpathSync.native()` function. This vulnerability allows code operating under `--permission` with restricted `--allow-fs-read` flags to bypass security controls. Consequently, an attacker can use `fs.realpathSync.native()` to determine file existence, resolve symbolic link targets, and enumerate filesystem paths outside of permitted directories, leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Information disclosure due to `fs.realpathSync.native()` bypassing filesystem read restrictions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21715"
},
{
"category": "external",
"summary": "RHBZ#2453152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21715"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.507000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Node.js: Node.js: Information disclosure due to `fs.realpathSync.native()` bypassing filesystem read restrictions"
},
{
"cve": "CVE-2026-21716",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2026-03-30T20:01:51.136802+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453157"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. An incomplete security fix allows code operating under restricted file system write permissions to bypass these limitations. This vulnerability enables the modification of file permissions and ownership on already-open files, even when explicit write access is denied. Such a bypass could lead to unauthorized changes to system files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Node.js: Permission bypass allows unauthorized modification of file permissions and ownership via incomplete security fix.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21716"
},
{
"category": "external",
"summary": "RHBZ#2453157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453157"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21716"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.538000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs: Node.js: Permission bypass allows unauthorized modification of file permissions and ownership via incomplete security fix."
},
{
"cve": "CVE-2026-21717",
"cwe": {
"id": "CWE-328",
"name": "Use of Weak Hash"
},
"discovery_date": "2026-03-30T20:02:10.986695+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453162"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in V8\u0027s string hashing mechanism within Node.js. A remote attacker can exploit this vulnerability by crafting requests containing integer-like strings. These specially crafted strings cause predictable hash collisions in V8\u0027s internal string table, particularly when processed by functions like JSON.parse() on attacker-controlled input. This can significantly degrade the performance of the Node.js process, leading to a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: v8: Node.js: Denial of Service via V8 string hashing mechanism due to predictable hash collisions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21717"
},
{
"category": "external",
"summary": "RHBZ#2453162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453162"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21717",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21717"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.415000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: v8: Node.js: Denial of Service via V8 string hashing mechanism due to predictable hash collisions"
},
{
"cve": "CVE-2026-25547",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-02-04T22:01:11.784120+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436942"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the brace-expansion component. This denial of service (DoS) vulnerability allows a remote attacker to provide specially crafted input containing repeated numeric brace ranges. This input causes the library to attempt an unbounded expansion, consuming excessive CPU and memory resources. This can lead to a system crash, impacting the availability of the service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25547"
},
{
"category": "external",
"summary": "RHBZ#2436942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25547",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547"
},
{
"category": "external",
"summary": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2",
"url": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2"
}
],
"release_date": "2026-02-04T21:51:17.198000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion"
},
{
"cve": "CVE-2026-26996",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-20T04:01:11.896063+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441268"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: minimatch: Denial of Service via specially crafted glob patterns",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26996"
},
{
"category": "external",
"summary": "RHBZ#2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26996"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5",
"url": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26"
}
],
"release_date": "2026-02-20T03:05:21.105000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: minimatch: Denial of Service via specially crafted glob patterns"
},
{
"cve": "CVE-2026-27135",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-18T19:02:13.823002+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448754"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27135"
},
{
"category": "external",
"summary": "RHBZ#2448754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27135",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1",
"url": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6",
"url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6"
}
],
"release_date": "2026-03-18T17:59:02.045000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T20:27:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-debugsource-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-devel-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-docs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-full-i18n-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-libs-debuginfo-1:24.14.1-2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-nodemon-0:3.0.3-3.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-0:2021.06-6.module+el9.7.0+24166+51c9666b.src::nodejs:24",
"AppStream-9.7.0.Z.MAIN:nodejs-packaging-bundler-0:2021.06-6.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:npm-1:11.11.0-1.24.14.1.2.module+el9.7.0+24166+51c9666b.noarch::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.aarch64::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.ppc64le::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.s390x::nodejs:24",
"AppStream-9.7.0.Z.MAIN:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el9.7.0+24166+51c9666b.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination"
}
]
}
RHSA-2026:7670
Vulnerability from csaf_redhat - Published: 2026-04-13 03:00 - Updated: 2026-07-01 00:12A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., "Content-Length" and "content-length"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici, a Node.js HTTP/1.1 client. This vulnerability allows a remote attacker to inject malicious data into HTTP headers or prematurely end HTTP requests by sending specially crafted input to the `upgrade` option of `client.request()`. This is possible because undici does not properly validate input for invalid header characters, which could lead to unauthorized information disclosure or bypassing of security controls.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Undici. When the `interceptors.deduplicate()` feature is enabled, response data for deduplicated requests can accumulate in memory. A remote attacker, by sending large or chunked responses and concurrent identical requests from an untrusted endpoint, can exploit this uncontrolled resource consumption. This leads to high memory usage and potential Out-Of-Memory (OOM) process termination, resulting in a Denial of Service (DoS) for the application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when `pskCallback` or `ALPNCallback` are in use. Synchronous exceptions thrown during these callbacks bypass standard TLS error handling paths (tlsClientError and error), causing either immediate process termination or silent file descriptor leaks that eventually lead to denial of service. Because these callbacks process attacker-controlled input during the TLS handshake, a remote client can repeatedly trigger the issue. This vulnerability affects TLS servers using PSK or ALPN callbacks across Node.js versions where these callbacks throw without being safely wrapped.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named `__proto__`. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an application crash. This can result in a Denial of Service (DoS), making the affected service unavailable to users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. The Node.js Permission Model, designed to restrict network access, incorrectly omits permission checks for Unix Domain Socket (UDS) server operations. This allows local code, even when explicitly denied network access, to create and expose inter-process communication (IPC) endpoints. As a result, unauthorized communication can occur between processes on the same host, bypassing the intended network security restrictions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. This vulnerability allows an attacker to cause a Denial of Service (DoS) by providing a malformed Internationalized Domain Name (IDN) to the `url.format()` function. When processed, this malformed input triggers an internal error, causing the Node.js application to crash. This can disrupt services and make them unavailable.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. The HMAC (Hash-based Message Authentication Code) verification process uses a comparison method that does not take a constant amount of time. This non-constant-time comparison can leak timing information, which, under specific conditions where precise timing measurements are possible, could be exploited by a remote attacker. This allows the attacker to infer sensitive HMAC values, leading to information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. A remote attacker can exploit this vulnerability in Node.js HTTP/2 servers by sending specially crafted WINDOW_UPDATE frames on stream 0 (connection-level). These frames can cause the flow control window to exceed its maximum value, leading to a memory leak as Http2Session objects are not properly cleaned up. This can result in resource exhaustion and a Denial of Service (DoS) condition for the server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. The Node.js Permission Model, intended to restrict filesystem access, does not properly enforce read permission checks for the `fs.realpathSync.native()` function. This vulnerability allows code operating under `--permission` with restricted `--allow-fs-read` flags to bypass security controls. Consequently, an attacker can use `fs.realpathSync.native()` to determine file existence, resolve symbolic link targets, and enumerate filesystem paths outside of permitted directories, leading to information disclosure.
CWE-425 - Direct Request ('Forced Browsing')| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. An incomplete security fix allows code operating under restricted file system write permissions to bypass these limitations. This vulnerability enables the modification of file permissions and ownership on already-open files, even when explicit write access is denied. Such a bypass could lead to unauthorized changes to system files.
CWE-279 - Incorrect Execution-Assigned Permissions| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in V8's string hashing mechanism within Node.js. A remote attacker can exploit this vulnerability by crafting requests containing integer-like strings. These specially crafted strings cause predictable hash collisions in V8's internal string table, particularly when processed by functions like JSON.parse() on attacker-controlled input. This can significantly degrade the performance of the Node.js process, leading to a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:24 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nSecurity Fix(es):\n\n* nodejs: Nodejs denial of service (CVE-2026-21637)\n\n* minimatch: minimatch: Denial of Service via specially crafted glob patterns (CVE-2026-26996)\n\n* undici: Undici: Denial of Service due to uncontrolled resource consumption (CVE-2026-2581)\n\n* undici: Undici: HTTP header injection and request smuggling vulnerability (CVE-2026-1527)\n\n* undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression (CVE-2026-1526)\n\n* undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter (CVE-2026-2229)\n\n* undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers (CVE-2026-1525)\n\n* undici: undici: Denial of Service via crafted WebSocket frame with large length (CVE-2026-1528)\n\n* nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)\n\n* Node.js: Node.js: Denial of Service via malformed Internationalized Domain Name processing (CVE-2026-21712)\n\n* Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header (CVE-2026-21710)\n\n* Node.js: Node.js: Information disclosure due to `fs.realpathSync.native()` bypassing filesystem read restrictions (CVE-2026-21715)\n\n* nodejs: Node.js: Permission bypass allows unauthorized modification of file permissions and ownership via incomplete security fix. (CVE-2026-21716)\n\n* Node.js: Node.js: Unauthorized inter-process communication due to missing Unix Domain Socket permission checks (CVE-2026-21711)\n\n* Node.js: Node.js: Information disclosure via timing oracle in HMAC verification (CVE-2026-21713)\n\n* Node.js: Node.js: Memory leak and Denial of Service via crafted HTTP/2 WINDOW_UPDATE frames (CVE-2026-21714)\n\n* nodejs: v8: Node.js: Denial of Service via V8 string hashing mechanism due to predictable hash collisions (CVE-2026-21717)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:7670",
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2431340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431340"
},
{
"category": "external",
"summary": "2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "2447140",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447140"
},
{
"category": "external",
"summary": "2447141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447141"
},
{
"category": "external",
"summary": "2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "2448754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754"
},
{
"category": "external",
"summary": "2453037",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453037"
},
{
"category": "external",
"summary": "2453151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151"
},
{
"category": "external",
"summary": "2453152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453152"
},
{
"category": "external",
"summary": "2453157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453157"
},
{
"category": "external",
"summary": "2453158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453158"
},
{
"category": "external",
"summary": "2453160",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453160"
},
{
"category": "external",
"summary": "2453161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453161"
},
{
"category": "external",
"summary": "2453162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453162"
},
{
"category": "external",
"summary": "RHEL-151374",
"url": "https://issues.redhat.com/browse/RHEL-151374"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7670.json"
}
],
"title": "Red Hat Security Advisory: nodejs:24 security update",
"tracking": {
"current_release_date": "2026-07-01T00:12:34+00:00",
"generator": {
"date": "2026-07-01T00:12:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:7670",
"initial_release_date": "2026-04-13T03:00:22+00:00",
"revision_history": [
{
"date": "2026-04-13T03:00:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-13T03:00:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:12:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"product": {
"name": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src (nodejs:24)",
"product_id": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=src\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"product": {
"name": "nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src (nodejs:24)",
"product_id": "nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@3.0.3-1.module%2Bel8.10.0%2B24190%2B49a46c75?arch=src\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"product": {
"name": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src (nodejs:24)",
"product_id": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-6.module%2Bel8.10.0%2B24190%2B49a46c75?arch=src\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"product": {
"name": "nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch (nodejs:24)",
"product_id": "nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=noarch\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"product": {
"name": "nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch (nodejs:24)",
"product_id": "nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@3.0.3-1.module%2Bel8.10.0%2B24190%2B49a46c75?arch=noarch\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"product": {
"name": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch (nodejs:24)",
"product_id": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-6.module%2Bel8.10.0%2B24190%2B49a46c75?arch=noarch\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"product": {
"name": "nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch (nodejs:24)",
"product_id": "nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging-bundler@2021.06-6.module%2Bel8.10.0%2B24190%2B49a46c75?arch=noarch\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"product": {
"name": "npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch (nodejs:24)",
"product_id": "npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@11.11.0-1.24.14.1.2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=noarch\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"product": {
"name": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64 (nodejs:24)",
"product_id": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"product": {
"name": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64 (nodejs:24)",
"product_id": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"product": {
"name": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64 (nodejs:24)",
"product_id": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"product": {
"name": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64 (nodejs:24)",
"product_id": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"product": {
"name": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64 (nodejs:24)",
"product_id": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"product": {
"name": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64 (nodejs:24)",
"product_id": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"product": {
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64 (nodejs:24)",
"product_id": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"product": {
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64 (nodejs:24)",
"product_id": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-13.6-devel@13.6.233.17-1.24.14.1.2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=aarch64\u0026epoch=3\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"product": {
"name": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le (nodejs:24)",
"product_id": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"product": {
"name": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le (nodejs:24)",
"product_id": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"product": {
"name": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le (nodejs:24)",
"product_id": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"product": {
"name": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le (nodejs:24)",
"product_id": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"product": {
"name": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le (nodejs:24)",
"product_id": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"product": {
"name": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le (nodejs:24)",
"product_id": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"product": {
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le (nodejs:24)",
"product_id": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"product": {
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le (nodejs:24)",
"product_id": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-13.6-devel@13.6.233.17-1.24.14.1.2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=ppc64le\u0026epoch=3\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"product": {
"name": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x (nodejs:24)",
"product_id": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"product": {
"name": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x (nodejs:24)",
"product_id": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"product": {
"name": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x (nodejs:24)",
"product_id": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"product": {
"name": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x (nodejs:24)",
"product_id": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"product": {
"name": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x (nodejs:24)",
"product_id": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"product": {
"name": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x (nodejs:24)",
"product_id": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"product": {
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x (nodejs:24)",
"product_id": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"product": {
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x (nodejs:24)",
"product_id": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-13.6-devel@13.6.233.17-1.24.14.1.2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=s390x\u0026epoch=3\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"product": {
"name": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64 (nodejs:24)",
"product_id": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"product": {
"name": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64 (nodejs:24)",
"product_id": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"product": {
"name": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64 (nodejs:24)",
"product_id": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"product": {
"name": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64 (nodejs:24)",
"product_id": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"product": {
"name": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64 (nodejs:24)",
"product_id": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"product": {
"name": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64 (nodejs:24)",
"product_id": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"product": {
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64 (nodejs:24)",
"product_id": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@24.14.1-2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
},
{
"category": "product_version",
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"product": {
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64 (nodejs:24)",
"product_id": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-13.6-devel@13.6.233.17-1.24.14.1.2.module%2Bel8.10.0%2B24190%2B49a46c75?arch=x86_64\u0026epoch=3\u0026rpmmod=nodejs:24:8100020260408131901:6d880403"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24"
},
"product_reference": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24"
},
"product_reference": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24"
},
"product_reference": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24"
},
"product_reference": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
},
"product_reference": "nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24"
},
"product_reference": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24"
},
"product_reference": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24"
},
"product_reference": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
},
"product_reference": "nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24"
},
"product_reference": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24"
},
"product_reference": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24"
},
"product_reference": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
},
"product_reference": "nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24"
},
"product_reference": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24"
},
"product_reference": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24"
},
"product_reference": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
},
"product_reference": "nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24"
},
"product_reference": "nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24"
},
"product_reference": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24"
},
"product_reference": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24"
},
"product_reference": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
},
"product_reference": "nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24"
},
"product_reference": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24"
},
"product_reference": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24"
},
"product_reference": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
},
"product_reference": "nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24"
},
"product_reference": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24"
},
"product_reference": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24"
},
"product_reference": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
},
"product_reference": "nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24"
},
"product_reference": "nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24"
},
"product_reference": "nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24"
},
"product_reference": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24"
},
"product_reference": "nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24"
},
"product_reference": "nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24"
},
"product_reference": "npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24"
},
"product_reference": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24"
},
"product_reference": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24"
},
"product_reference": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64 (nodejs:24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
},
"product_reference": "v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-1525",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-12T21:01:33.639277+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447144"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., \"Content-Length\" and \"content-length\"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate impact. A flaw in the undici Node.js HTTP/1.1 client allows for HTTP Request Smuggling or Denial of Service. This can occur in Red Hat products that use undici and process HTTP requests where user-controlled header names are not case-normalized, or headers are passed as flat arrays.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "RHBZ#2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/444.html",
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3556037",
"url": "https://hackerone.com/reports/3556037"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
}
],
"release_date": "2026-03-12T19:56:55.092000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1527",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-03-12T21:01:21.390673+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447141"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici, a Node.js HTTP/1.1 client. This vulnerability allows a remote attacker to inject malicious data into HTTP headers or prematurely end HTTP requests by sending specially crafted input to the `upgrade` option of `client.request()`. This is possible because undici does not properly validate input for invalid header characters, which could lead to unauthorized information disclosure or bypassing of security controls.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: HTTP header injection and request smuggling vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1527"
},
{
"category": "external",
"summary": "RHBZ#2447141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447141"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1527",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1527"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1527",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1527"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487198",
"url": "https://hackerone.com/reports/3487198"
}
],
"release_date": "2026-03-12T20:17:18.984000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: HTTP header injection and request smuggling vulnerability"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"cve": "CVE-2026-2581",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:10.589089+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447140"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undici. When the `interceptors.deduplicate()` feature is enabled, response data for deduplicated requests can accumulate in memory. A remote attacker, by sending large or chunked responses and concurrent identical requests from an untrusted endpoint, can exploit this uncontrolled resource consumption. This leads to high memory usage and potential Out-Of-Memory (OOM) process termination, resulting in a Denial of Service (DoS) for the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service due to uncontrolled resource consumption",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2581"
},
{
"category": "external",
"summary": "RHBZ#2447140",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447140"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2581",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2581"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2581",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2581"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3513473",
"url": "https://hackerone.com/reports/3513473"
}
],
"release_date": "2026-03-12T20:13:19.571000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: Denial of Service due to uncontrolled resource consumption"
},
{
"cve": "CVE-2026-21637",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-01-20T21:01:26.738343+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when `pskCallback` or `ALPNCallback` are in use. Synchronous exceptions thrown during these callbacks bypass standard TLS error handling paths (tlsClientError and error), causing either immediate process termination or silent file descriptor leaks that eventually lead to denial of service. Because these callbacks process attacker-controlled input during the TLS handshake, a remote client can repeatedly trigger the issue. This vulnerability affects TLS servers using PSK or ALPN callbacks across Node.js versions where these callbacks throw without being safely wrapped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Nodejs denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Systems configured according to Red Hat guidelines should have their services set to restart in the event of a process crash. This Host system service management mitigates the availability impact to Red Hat customers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21637"
},
{
"category": "external",
"summary": "RHBZ#2431340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21637",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21637"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/december-2025-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"
}
],
"release_date": "2026-01-20T20:41:55.352000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: Nodejs denial of service"
},
{
"cve": "CVE-2026-21710",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-03-30T20:01:21.196629+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453151"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named `__proto__`. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an application crash. This can result in a Denial of Service (DoS), making the affected service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21710"
},
{
"category": "external",
"summary": "RHBZ#2453151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.558000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header"
},
{
"cve": "CVE-2026-21711",
"cwe": {
"id": "CWE-940",
"name": "Improper Verification of Source of a Communication Channel"
},
"discovery_date": "2026-03-30T20:01:55.465001+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453158"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. The Node.js Permission Model, designed to restrict network access, incorrectly omits permission checks for Unix Domain Socket (UDS) server operations. This allows local code, even when explicitly denied network access, to create and expose inter-process communication (IPC) endpoints. As a result, unauthorized communication can occur between processes on the same host, bypassing the intended network security restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Unauthorized inter-process communication due to missing Unix Domain Socket permission checks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21711"
},
{
"category": "external",
"summary": "RHBZ#2453158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453158"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21711"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21711",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21711"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.526000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Node.js: Unauthorized inter-process communication due to missing Unix Domain Socket permission checks"
},
{
"cve": "CVE-2026-21712",
"cwe": {
"id": "CWE-168",
"name": "Improper Handling of Inconsistent Special Elements"
},
"discovery_date": "2026-03-30T16:02:27.812711+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453037"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. This vulnerability allows an attacker to cause a Denial of Service (DoS) by providing a malformed Internationalized Domain Name (IDN) to the `url.format()` function. When processed, this malformed input triggers an internal error, causing the Node.js application to crash. This can disrupt services and make them unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Denial of Service via malformed Internationalized Domain Name processing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21712"
},
{
"category": "external",
"summary": "RHBZ#2453037",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453037"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21712"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3546390",
"url": "https://hackerone.com/reports/3546390"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T15:13:59.172000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Node.js: Denial of Service via malformed Internationalized Domain Name processing"
},
{
"cve": "CVE-2026-21713",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2026-03-30T20:02:02.430513+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453160"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. The HMAC (Hash-based Message Authentication Code) verification process uses a comparison method that does not take a constant amount of time. This non-constant-time comparison can leak timing information, which, under specific conditions where precise timing measurements are possible, could be exploited by a remote attacker. This allows the attacker to infer sensitive HMAC values, leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Information disclosure via timing oracle in HMAC verification",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21713"
},
{
"category": "external",
"summary": "RHBZ#2453160",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453160"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21713",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21713"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21713",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21713"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.356000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Node.js: Information disclosure via timing oracle in HMAC verification"
},
{
"cve": "CVE-2026-21714",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-03-30T20:02:06.237456+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453161"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. A remote attacker can exploit this vulnerability in Node.js HTTP/2 servers by sending specially crafted WINDOW_UPDATE frames on stream 0 (connection-level). These frames can cause the flow control window to exceed its maximum value, leading to a memory leak as Http2Session objects are not properly cleaned up. This can result in resource exhaustion and a Denial of Service (DoS) condition for the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Memory leak and Denial of Service via crafted HTTP/2 WINDOW_UPDATE frames",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21714"
},
{
"category": "external",
"summary": "RHBZ#2453161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453161"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21714"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.317000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Node.js: Memory leak and Denial of Service via crafted HTTP/2 WINDOW_UPDATE frames"
},
{
"cve": "CVE-2026-21715",
"cwe": {
"id": "CWE-425",
"name": "Direct Request (\u0027Forced Browsing\u0027)"
},
"discovery_date": "2026-03-30T20:01:25.714444+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. The Node.js Permission Model, intended to restrict filesystem access, does not properly enforce read permission checks for the `fs.realpathSync.native()` function. This vulnerability allows code operating under `--permission` with restricted `--allow-fs-read` flags to bypass security controls. Consequently, an attacker can use `fs.realpathSync.native()` to determine file existence, resolve symbolic link targets, and enumerate filesystem paths outside of permitted directories, leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Information disclosure due to `fs.realpathSync.native()` bypassing filesystem read restrictions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21715"
},
{
"category": "external",
"summary": "RHBZ#2453152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21715"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.507000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Node.js: Node.js: Information disclosure due to `fs.realpathSync.native()` bypassing filesystem read restrictions"
},
{
"cve": "CVE-2026-21716",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2026-03-30T20:01:51.136802+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453157"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. An incomplete security fix allows code operating under restricted file system write permissions to bypass these limitations. This vulnerability enables the modification of file permissions and ownership on already-open files, even when explicit write access is denied. Such a bypass could lead to unauthorized changes to system files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Node.js: Permission bypass allows unauthorized modification of file permissions and ownership via incomplete security fix.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21716"
},
{
"category": "external",
"summary": "RHBZ#2453157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453157"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21716"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.538000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs: Node.js: Permission bypass allows unauthorized modification of file permissions and ownership via incomplete security fix."
},
{
"cve": "CVE-2026-21717",
"cwe": {
"id": "CWE-328",
"name": "Use of Weak Hash"
},
"discovery_date": "2026-03-30T20:02:10.986695+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453162"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in V8\u0027s string hashing mechanism within Node.js. A remote attacker can exploit this vulnerability by crafting requests containing integer-like strings. These specially crafted strings cause predictable hash collisions in V8\u0027s internal string table, particularly when processed by functions like JSON.parse() on attacker-controlled input. This can significantly degrade the performance of the Node.js process, leading to a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: v8: Node.js: Denial of Service via V8 string hashing mechanism due to predictable hash collisions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21717"
},
{
"category": "external",
"summary": "RHBZ#2453162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453162"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21717",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21717"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.415000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: v8: Node.js: Denial of Service via V8 string hashing mechanism due to predictable hash collisions"
},
{
"cve": "CVE-2026-26996",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-20T04:01:11.896063+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441268"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: minimatch: Denial of Service via specially crafted glob patterns",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26996"
},
{
"category": "external",
"summary": "RHBZ#2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26996"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5",
"url": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26"
}
],
"release_date": "2026-02-20T03:05:21.105000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: minimatch: Denial of Service via specially crafted glob patterns"
},
{
"cve": "CVE-2026-27135",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-18T19:02:13.823002+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448754"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27135"
},
{
"category": "external",
"summary": "RHBZ#2448754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27135",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1",
"url": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6",
"url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6"
}
],
"release_date": "2026-03-18T17:59:02.045000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T03:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-debugsource-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-devel-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-docs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-full-i18n-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:24.14.1-2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-nodemon-0:3.0.3-1.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-6.module+el8.10.0+24190+49a46c75.src::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-6.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:npm-1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75.noarch::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.aarch64::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.ppc64le::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.s390x::nodejs:24",
"AppStream-8.10.0.Z.MAIN.EUS:v8-13.6-devel-3:13.6.233.17-1.24.14.1.2.module+el8.10.0+24190+49a46c75.x86_64::nodejs:24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination"
}
]
}
RHSA-2026:7675
Vulnerability from csaf_redhat - Published: 2026-04-13 02:27 - Updated: 2026-07-01 00:12A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., "Content-Length" and "content-length"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici, a Node.js HTTP/1.1 client. This vulnerability allows a remote attacker to inject malicious data into HTTP headers or prematurely end HTTP requests by sending specially crafted input to the `upgrade` option of `client.request()`. This is possible because undici does not properly validate input for invalid header characters, which could lead to unauthorized information disclosure or bypassing of security controls.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Undici. When the `interceptors.deduplicate()` feature is enabled, response data for deduplicated requests can accumulate in memory. A remote attacker, by sending large or chunked responses and concurrent identical requests from an untrusted endpoint, can exploit this uncontrolled resource consumption. This leads to high memory usage and potential Out-Of-Memory (OOM) process termination, resulting in a Denial of Service (DoS) for the application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when `pskCallback` or `ALPNCallback` are in use. Synchronous exceptions thrown during these callbacks bypass standard TLS error handling paths (tlsClientError and error), causing either immediate process termination or silent file descriptor leaks that eventually lead to denial of service. Because these callbacks process attacker-controlled input during the TLS handshake, a remote client can repeatedly trigger the issue. This vulnerability affects TLS servers using PSK or ALPN callbacks across Node.js versions where these callbacks throw without being safely wrapped.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named `__proto__`. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an application crash. This can result in a Denial of Service (DoS), making the affected service unavailable to users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. The Node.js Permission Model, designed to restrict network access, incorrectly omits permission checks for Unix Domain Socket (UDS) server operations. This allows local code, even when explicitly denied network access, to create and expose inter-process communication (IPC) endpoints. As a result, unauthorized communication can occur between processes on the same host, bypassing the intended network security restrictions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. This vulnerability allows an attacker to cause a Denial of Service (DoS) by providing a malformed Internationalized Domain Name (IDN) to the `url.format()` function. When processed, this malformed input triggers an internal error, causing the Node.js application to crash. This can disrupt services and make them unavailable.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. The HMAC (Hash-based Message Authentication Code) verification process uses a comparison method that does not take a constant amount of time. This non-constant-time comparison can leak timing information, which, under specific conditions where precise timing measurements are possible, could be exploited by a remote attacker. This allows the attacker to infer sensitive HMAC values, leading to information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. A remote attacker can exploit this vulnerability in Node.js HTTP/2 servers by sending specially crafted WINDOW_UPDATE frames on stream 0 (connection-level). These frames can cause the flow control window to exceed its maximum value, leading to a memory leak as Http2Session objects are not properly cleaned up. This can result in resource exhaustion and a Denial of Service (DoS) condition for the server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. The Node.js Permission Model, intended to restrict filesystem access, does not properly enforce read permission checks for the `fs.realpathSync.native()` function. This vulnerability allows code operating under `--permission` with restricted `--allow-fs-read` flags to bypass security controls. Consequently, an attacker can use `fs.realpathSync.native()` to determine file existence, resolve symbolic link targets, and enumerate filesystem paths outside of permitted directories, leading to information disclosure.
CWE-425 - Direct Request ('Forced Browsing')| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. An incomplete security fix allows code operating under restricted file system write permissions to bypass these limitations. This vulnerability enables the modification of file permissions and ownership on already-open files, even when explicit write access is denied. Such a bypass could lead to unauthorized changes to system files.
CWE-279 - Incorrect Execution-Assigned Permissions| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
A flaw was found in V8's string hashing mechanism within Node.js. A remote attacker can exploit this vulnerability by crafting requests containing integer-like strings. These specially crafted strings cause predictable hash collisions in V8's internal string table, particularly when processed by functions like JSON.parse() on attacker-controlled input. This can significantly degrade the performance of the Node.js process, leading to a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the brace-expansion component. This denial of service (DoS) vulnerability allows a remote attacker to provide specially crafted input containing repeated numeric brace ranges. This input causes the library to attempt an unbounded expansion, consuming excessive CPU and memory resources. This can lead to a system crash, impacting the availability of the service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
|
A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
|
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nodejs24 is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a platform built on Chrome\u0027s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.\n\nSecurity Fix(es):\n\n* nodejs: Nodejs denial of service (CVE-2026-21637)\n\n* brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion (CVE-2026-25547)\n\n* minimatch: minimatch: Denial of Service via specially crafted glob patterns (CVE-2026-26996)\n\n* undici: Undici: Denial of Service due to uncontrolled resource consumption (CVE-2026-2581)\n\n* undici: Undici: HTTP header injection and request smuggling vulnerability (CVE-2026-1527)\n\n* undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression (CVE-2026-1526)\n\n* undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter (CVE-2026-2229)\n\n* undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers (CVE-2026-1525)\n\n* undici: undici: Denial of Service via crafted WebSocket frame with large length (CVE-2026-1528)\n\n* nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)\n\n* Node.js: Node.js: Denial of Service via malformed Internationalized Domain Name processing (CVE-2026-21712)\n\n* Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header (CVE-2026-21710)\n\n* Node.js: Node.js: Information disclosure due to `fs.realpathSync.native()` bypassing filesystem read restrictions (CVE-2026-21715)\n\n* nodejs: Node.js: Permission bypass allows unauthorized modification of file permissions and ownership via incomplete security fix. (CVE-2026-21716)\n\n* Node.js: Node.js: Unauthorized inter-process communication due to missing Unix Domain Socket permission checks (CVE-2026-21711)\n\n* Node.js: Node.js: Information disclosure via timing oracle in HMAC verification (CVE-2026-21713)\n\n* Node.js: Node.js: Memory leak and Denial of Service via crafted HTTP/2 WINDOW_UPDATE frames (CVE-2026-21714)\n\n* nodejs: v8: Node.js: Denial of Service via V8 string hashing mechanism due to predictable hash collisions (CVE-2026-21717)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:7675",
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2431340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431340"
},
{
"category": "external",
"summary": "2436942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436942"
},
{
"category": "external",
"summary": "2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "2447140",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447140"
},
{
"category": "external",
"summary": "2447141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447141"
},
{
"category": "external",
"summary": "2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "2448754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754"
},
{
"category": "external",
"summary": "2453037",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453037"
},
{
"category": "external",
"summary": "2453151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151"
},
{
"category": "external",
"summary": "2453152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453152"
},
{
"category": "external",
"summary": "2453157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453157"
},
{
"category": "external",
"summary": "2453158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453158"
},
{
"category": "external",
"summary": "2453160",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453160"
},
{
"category": "external",
"summary": "2453161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453161"
},
{
"category": "external",
"summary": "2453162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453162"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7675.json"
}
],
"title": "Red Hat Security Advisory: nodejs24 security update",
"tracking": {
"current_release_date": "2026-07-01T00:12:30+00:00",
"generator": {
"date": "2026-07-01T00:12:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:7675",
"initial_release_date": "2026-04-13T02:27:36+00:00",
"revision_history": [
{
"date": "2026-04-13T02:27:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-13T02:27:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:12:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs24-1:24.14.1-2.el10_1.s390x",
"product": {
"name": "nodejs24-1:24.14.1-2.el10_1.s390x",
"product_id": "nodejs24-1:24.14.1-2.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24@24.14.1-2.el10_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"product": {
"name": "nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"product_id": "nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-devel@24.14.1-2.el10_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"product": {
"name": "nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"product_id": "nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-full-i18n@24.14.1-2.el10_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"product": {
"name": "nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"product_id": "nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-libs@24.14.1-2.el10_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"product": {
"name": "nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"product_id": "nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-debugsource@24.14.1-2.el10_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"product": {
"name": "nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"product_id": "nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-debuginfo@24.14.1-2.el10_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"product": {
"name": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"product_id": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-libs-debuginfo@24.14.1-2.el10_1?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs24-1:24.14.1-2.el10_1.x86_64",
"product": {
"name": "nodejs24-1:24.14.1-2.el10_1.x86_64",
"product_id": "nodejs24-1:24.14.1-2.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24@24.14.1-2.el10_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"product": {
"name": "nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"product_id": "nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-devel@24.14.1-2.el10_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"product": {
"name": "nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"product_id": "nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-full-i18n@24.14.1-2.el10_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"product": {
"name": "nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"product_id": "nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-libs@24.14.1-2.el10_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"product": {
"name": "nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"product_id": "nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-debugsource@24.14.1-2.el10_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"product": {
"name": "nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"product_id": "nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-debuginfo@24.14.1-2.el10_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"product": {
"name": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"product_id": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-libs-debuginfo@24.14.1-2.el10_1?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs24-1:24.14.1-2.el10_1.src",
"product": {
"name": "nodejs24-1:24.14.1-2.el10_1.src",
"product_id": "nodejs24-1:24.14.1-2.el10_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24@24.14.1-2.el10_1?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs24-1:24.14.1-2.el10_1.aarch64",
"product": {
"name": "nodejs24-1:24.14.1-2.el10_1.aarch64",
"product_id": "nodejs24-1:24.14.1-2.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24@24.14.1-2.el10_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"product": {
"name": "nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"product_id": "nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-devel@24.14.1-2.el10_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"product": {
"name": "nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"product_id": "nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-full-i18n@24.14.1-2.el10_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"product": {
"name": "nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"product_id": "nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-libs@24.14.1-2.el10_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"product": {
"name": "nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"product_id": "nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-debugsource@24.14.1-2.el10_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"product": {
"name": "nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"product_id": "nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-debuginfo@24.14.1-2.el10_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"product": {
"name": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"product_id": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-libs-debuginfo@24.14.1-2.el10_1?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs24-1:24.14.1-2.el10_1.ppc64le",
"product": {
"name": "nodejs24-1:24.14.1-2.el10_1.ppc64le",
"product_id": "nodejs24-1:24.14.1-2.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24@24.14.1-2.el10_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"product": {
"name": "nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"product_id": "nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-devel@24.14.1-2.el10_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"product": {
"name": "nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"product_id": "nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-full-i18n@24.14.1-2.el10_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"product": {
"name": "nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"product_id": "nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-libs@24.14.1-2.el10_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"product": {
"name": "nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"product_id": "nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-debugsource@24.14.1-2.el10_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"product": {
"name": "nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"product_id": "nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-debuginfo@24.14.1-2.el10_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"product": {
"name": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"product_id": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-libs-debuginfo@24.14.1-2.el10_1?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"product": {
"name": "nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"product_id": "nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-docs@24.14.1-2.el10_1?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch",
"product": {
"name": "nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch",
"product_id": "nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs24-npm@11.11.0-1.24.14.1.2.el10_1?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-1:24.14.1-2.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64"
},
"product_reference": "nodejs24-1:24.14.1-2.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-1:24.14.1-2.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le"
},
"product_reference": "nodejs24-1:24.14.1-2.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-1:24.14.1-2.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x"
},
"product_reference": "nodejs24-1:24.14.1-2.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-1:24.14.1-2.el10_1.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src"
},
"product_reference": "nodejs24-1:24.14.1-2.el10_1.src",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-1:24.14.1-2.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64"
},
"product_reference": "nodejs24-1:24.14.1-2.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64"
},
"product_reference": "nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le"
},
"product_reference": "nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x"
},
"product_reference": "nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64"
},
"product_reference": "nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64"
},
"product_reference": "nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le"
},
"product_reference": "nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-debugsource-1:24.14.1-2.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x"
},
"product_reference": "nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64"
},
"product_reference": "nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-devel-1:24.14.1-2.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64"
},
"product_reference": "nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-devel-1:24.14.1-2.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le"
},
"product_reference": "nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-devel-1:24.14.1-2.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x"
},
"product_reference": "nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-devel-1:24.14.1-2.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64"
},
"product_reference": "nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-docs-1:24.14.1-2.el10_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch"
},
"product_reference": "nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64"
},
"product_reference": "nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le"
},
"product_reference": "nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x"
},
"product_reference": "nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64"
},
"product_reference": "nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-libs-1:24.14.1-2.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64"
},
"product_reference": "nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-libs-1:24.14.1-2.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le"
},
"product_reference": "nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-libs-1:24.14.1-2.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x"
},
"product_reference": "nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-libs-1:24.14.1-2.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64"
},
"product_reference": "nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64"
},
"product_reference": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le"
},
"product_reference": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x"
},
"product_reference": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64"
},
"product_reference": "nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
},
"product_reference": "nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-1525",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-12T21:01:33.639277+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447144"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., \"Content-Length\" and \"content-length\"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate impact. A flaw in the undici Node.js HTTP/1.1 client allows for HTTP Request Smuggling or Denial of Service. This can occur in Red Hat products that use undici and process HTTP requests where user-controlled header names are not case-normalized, or headers are passed as flat arrays.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "RHBZ#2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/444.html",
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3556037",
"url": "https://hackerone.com/reports/3556037"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
}
],
"release_date": "2026-03-12T19:56:55.092000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1527",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-03-12T21:01:21.390673+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447141"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici, a Node.js HTTP/1.1 client. This vulnerability allows a remote attacker to inject malicious data into HTTP headers or prematurely end HTTP requests by sending specially crafted input to the `upgrade` option of `client.request()`. This is possible because undici does not properly validate input for invalid header characters, which could lead to unauthorized information disclosure or bypassing of security controls.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: HTTP header injection and request smuggling vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1527"
},
{
"category": "external",
"summary": "RHBZ#2447141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447141"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1527",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1527"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1527",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1527"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487198",
"url": "https://hackerone.com/reports/3487198"
}
],
"release_date": "2026-03-12T20:17:18.984000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: HTTP header injection and request smuggling vulnerability"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"cve": "CVE-2026-2581",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:10.589089+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447140"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undici. When the `interceptors.deduplicate()` feature is enabled, response data for deduplicated requests can accumulate in memory. A remote attacker, by sending large or chunked responses and concurrent identical requests from an untrusted endpoint, can exploit this uncontrolled resource consumption. This leads to high memory usage and potential Out-Of-Memory (OOM) process termination, resulting in a Denial of Service (DoS) for the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service due to uncontrolled resource consumption",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2581"
},
{
"category": "external",
"summary": "RHBZ#2447140",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447140"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2581",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2581"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2581",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2581"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3513473",
"url": "https://hackerone.com/reports/3513473"
}
],
"release_date": "2026-03-12T20:13:19.571000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: Denial of Service due to uncontrolled resource consumption"
},
{
"cve": "CVE-2026-21637",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-01-20T21:01:26.738343+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when `pskCallback` or `ALPNCallback` are in use. Synchronous exceptions thrown during these callbacks bypass standard TLS error handling paths (tlsClientError and error), causing either immediate process termination or silent file descriptor leaks that eventually lead to denial of service. Because these callbacks process attacker-controlled input during the TLS handshake, a remote client can repeatedly trigger the issue. This vulnerability affects TLS servers using PSK or ALPN callbacks across Node.js versions where these callbacks throw without being safely wrapped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Nodejs denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Systems configured according to Red Hat guidelines should have their services set to restart in the event of a process crash. This Host system service management mitigates the availability impact to Red Hat customers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21637"
},
{
"category": "external",
"summary": "RHBZ#2431340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21637",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21637"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/december-2025-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"
}
],
"release_date": "2026-01-20T20:41:55.352000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: Nodejs denial of service"
},
{
"cve": "CVE-2026-21710",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-03-30T20:01:21.196629+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453151"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named `__proto__`. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an application crash. This can result in a Denial of Service (DoS), making the affected service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21710"
},
{
"category": "external",
"summary": "RHBZ#2453151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.558000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header"
},
{
"cve": "CVE-2026-21711",
"cwe": {
"id": "CWE-940",
"name": "Improper Verification of Source of a Communication Channel"
},
"discovery_date": "2026-03-30T20:01:55.465001+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453158"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. The Node.js Permission Model, designed to restrict network access, incorrectly omits permission checks for Unix Domain Socket (UDS) server operations. This allows local code, even when explicitly denied network access, to create and expose inter-process communication (IPC) endpoints. As a result, unauthorized communication can occur between processes on the same host, bypassing the intended network security restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Unauthorized inter-process communication due to missing Unix Domain Socket permission checks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21711"
},
{
"category": "external",
"summary": "RHBZ#2453158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453158"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21711"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21711",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21711"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.526000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Node.js: Unauthorized inter-process communication due to missing Unix Domain Socket permission checks"
},
{
"cve": "CVE-2026-21712",
"cwe": {
"id": "CWE-168",
"name": "Improper Handling of Inconsistent Special Elements"
},
"discovery_date": "2026-03-30T16:02:27.812711+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453037"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. This vulnerability allows an attacker to cause a Denial of Service (DoS) by providing a malformed Internationalized Domain Name (IDN) to the `url.format()` function. When processed, this malformed input triggers an internal error, causing the Node.js application to crash. This can disrupt services and make them unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Denial of Service via malformed Internationalized Domain Name processing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21712"
},
{
"category": "external",
"summary": "RHBZ#2453037",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453037"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21712"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3546390",
"url": "https://hackerone.com/reports/3546390"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T15:13:59.172000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Node.js: Denial of Service via malformed Internationalized Domain Name processing"
},
{
"cve": "CVE-2026-21713",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2026-03-30T20:02:02.430513+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453160"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. The HMAC (Hash-based Message Authentication Code) verification process uses a comparison method that does not take a constant amount of time. This non-constant-time comparison can leak timing information, which, under specific conditions where precise timing measurements are possible, could be exploited by a remote attacker. This allows the attacker to infer sensitive HMAC values, leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Information disclosure via timing oracle in HMAC verification",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21713"
},
{
"category": "external",
"summary": "RHBZ#2453160",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453160"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21713",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21713"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21713",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21713"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.356000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Node.js: Information disclosure via timing oracle in HMAC verification"
},
{
"cve": "CVE-2026-21714",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-03-30T20:02:06.237456+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453161"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. A remote attacker can exploit this vulnerability in Node.js HTTP/2 servers by sending specially crafted WINDOW_UPDATE frames on stream 0 (connection-level). These frames can cause the flow control window to exceed its maximum value, leading to a memory leak as Http2Session objects are not properly cleaned up. This can result in resource exhaustion and a Denial of Service (DoS) condition for the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Memory leak and Denial of Service via crafted HTTP/2 WINDOW_UPDATE frames",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21714"
},
{
"category": "external",
"summary": "RHBZ#2453161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453161"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21714"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.317000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Node.js: Memory leak and Denial of Service via crafted HTTP/2 WINDOW_UPDATE frames"
},
{
"cve": "CVE-2026-21715",
"cwe": {
"id": "CWE-425",
"name": "Direct Request (\u0027Forced Browsing\u0027)"
},
"discovery_date": "2026-03-30T20:01:25.714444+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. The Node.js Permission Model, intended to restrict filesystem access, does not properly enforce read permission checks for the `fs.realpathSync.native()` function. This vulnerability allows code operating under `--permission` with restricted `--allow-fs-read` flags to bypass security controls. Consequently, an attacker can use `fs.realpathSync.native()` to determine file existence, resolve symbolic link targets, and enumerate filesystem paths outside of permitted directories, leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Information disclosure due to `fs.realpathSync.native()` bypassing filesystem read restrictions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21715"
},
{
"category": "external",
"summary": "RHBZ#2453152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21715"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.507000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Node.js: Node.js: Information disclosure due to `fs.realpathSync.native()` bypassing filesystem read restrictions"
},
{
"cve": "CVE-2026-21716",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2026-03-30T20:01:51.136802+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453157"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. An incomplete security fix allows code operating under restricted file system write permissions to bypass these limitations. This vulnerability enables the modification of file permissions and ownership on already-open files, even when explicit write access is denied. Such a bypass could lead to unauthorized changes to system files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Node.js: Permission bypass allows unauthorized modification of file permissions and ownership via incomplete security fix.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21716"
},
{
"category": "external",
"summary": "RHBZ#2453157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453157"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21716"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.538000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs: Node.js: Permission bypass allows unauthorized modification of file permissions and ownership via incomplete security fix."
},
{
"cve": "CVE-2026-21717",
"cwe": {
"id": "CWE-328",
"name": "Use of Weak Hash"
},
"discovery_date": "2026-03-30T20:02:10.986695+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453162"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in V8\u0027s string hashing mechanism within Node.js. A remote attacker can exploit this vulnerability by crafting requests containing integer-like strings. These specially crafted strings cause predictable hash collisions in V8\u0027s internal string table, particularly when processed by functions like JSON.parse() on attacker-controlled input. This can significantly degrade the performance of the Node.js process, leading to a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: v8: Node.js: Denial of Service via V8 string hashing mechanism due to predictable hash collisions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21717"
},
{
"category": "external",
"summary": "RHBZ#2453162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453162"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21717",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21717"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.415000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: v8: Node.js: Denial of Service via V8 string hashing mechanism due to predictable hash collisions"
},
{
"cve": "CVE-2026-25547",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-02-04T22:01:11.784120+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436942"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the brace-expansion component. This denial of service (DoS) vulnerability allows a remote attacker to provide specially crafted input containing repeated numeric brace ranges. This input causes the library to attempt an unbounded expansion, consuming excessive CPU and memory resources. This can lead to a system crash, impacting the availability of the service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25547"
},
{
"category": "external",
"summary": "RHBZ#2436942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25547",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547"
},
{
"category": "external",
"summary": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2",
"url": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2"
}
],
"release_date": "2026-02-04T21:51:17.198000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion"
},
{
"cve": "CVE-2026-26996",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-20T04:01:11.896063+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441268"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: minimatch: Denial of Service via specially crafted glob patterns",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26996"
},
{
"category": "external",
"summary": "RHBZ#2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26996"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5",
"url": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26"
}
],
"release_date": "2026-02-20T03:05:21.105000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: minimatch: Denial of Service via specially crafted glob patterns"
},
{
"cve": "CVE-2026-27135",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-18T19:02:13.823002+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448754"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27135"
},
{
"category": "external",
"summary": "RHBZ#2448754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27135",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1",
"url": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6",
"url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6"
}
],
"release_date": "2026-03-18T17:59:02.045000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-13T02:27:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.src",
"AppStream-10.1.Z:nodejs24-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-debugsource-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-devel-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-docs-1:24.14.1-2.el10_1.noarch",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-full-i18n-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.aarch64",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.ppc64le",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.s390x",
"AppStream-10.1.Z:nodejs24-libs-debuginfo-1:24.14.1-2.el10_1.x86_64",
"AppStream-10.1.Z:nodejs24-npm-1:11.11.0-1.24.14.1.2.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination"
}
]
}
RHSA-2026:7983
Vulnerability from csaf_redhat - Published: 2026-04-14 07:23 - Updated: 2026-07-01 00:12A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., "Content-Length" and "content-length"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named `__proto__`. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an application crash. This can result in a Denial of Service (DoS), making the affected service unavailable to users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the brace-expansion component. This denial of service (DoS) vulnerability allows a remote attacker to provide specially crafted input containing repeated numeric brace ranges. This input causes the library to attempt an unbounded expansion, consuming excessive CPU and memory resources. This can lead to a system crash, impacting the availability of the service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:22 module is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nSecurity Fix(es):\n\n* brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion (CVE-2026-25547)\n\n* minimatch: minimatch: Denial of Service via specially crafted glob patterns (CVE-2026-26996)\n\n* minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions (CVE-2026-27904)\n\n* undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression (CVE-2026-1526)\n\n* undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter (CVE-2026-2229)\n\n* undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers (CVE-2026-1525)\n\n* undici: undici: Denial of Service via crafted WebSocket frame with large length (CVE-2026-1528)\n\n* nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)\n\n* Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header (CVE-2026-21710)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:7983",
"url": "https://access.redhat.com/errata/RHSA-2026:7983"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2436942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436942"
},
{
"category": "external",
"summary": "2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "2442922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922"
},
{
"category": "external",
"summary": "2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "2448754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754"
},
{
"category": "external",
"summary": "2453151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7983.json"
}
],
"title": "Red Hat Security Advisory: nodejs:22 security update",
"tracking": {
"current_release_date": "2026-07-01T00:12:31+00:00",
"generator": {
"date": "2026-07-01T00:12:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:7983",
"initial_release_date": "2026-04-14T07:23:22+00:00",
"revision_history": [
{
"date": "2026-04-14T07:23:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-14T07:23:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:12:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.6::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"product": {
"name": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src (nodejs:22)",
"product_id": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=src\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"product": {
"name": "nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src (nodejs:22)",
"product_id": "nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@3.0.1-1.module%2Bel9.6.0%2B23473%2B45664c2d?arch=src\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"product": {
"name": "nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src (nodejs:22)",
"product_id": "nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-4.module%2Bel9.6.0%2B23473%2B45664c2d?arch=src\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"product": {
"name": "nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch (nodejs:22)",
"product_id": "nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=noarch\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"product": {
"name": "nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch (nodejs:22)",
"product_id": "nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@3.0.1-1.module%2Bel9.6.0%2B23473%2B45664c2d?arch=noarch\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"product": {
"name": "nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch (nodejs:22)",
"product_id": "nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-4.module%2Bel9.6.0%2B23473%2B45664c2d?arch=noarch\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"product": {
"name": "nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch (nodejs:22)",
"product_id": "nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging-bundler@2021.06-4.module%2Bel9.6.0%2B23473%2B45664c2d?arch=noarch\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product": {
"name": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22)",
"product_id": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22)",
"product_id": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22)",
"product_id": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product": {
"name": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22)",
"product_id": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22)",
"product_id": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product": {
"name": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22)",
"product_id": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22)",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22)",
"product_id": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@10.9.7-1.22.22.2.1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22)",
"product_id": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-12.4-devel@12.4.254.21-1.22.22.2.1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=aarch64\u0026epoch=3\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product": {
"name": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22)",
"product_id": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22)",
"product_id": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22)",
"product_id": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product": {
"name": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22)",
"product_id": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22)",
"product_id": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product": {
"name": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22)",
"product_id": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22)",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22)",
"product_id": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@10.9.7-1.22.22.2.1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22)",
"product_id": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-12.4-devel@12.4.254.21-1.22.22.2.1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=ppc64le\u0026epoch=3\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product": {
"name": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22)",
"product_id": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22)",
"product_id": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22)",
"product_id": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product": {
"name": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22)",
"product_id": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22)",
"product_id": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product": {
"name": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22)",
"product_id": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22)",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22)",
"product_id": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@10.9.7-1.22.22.2.1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22)",
"product_id": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-12.4-devel@12.4.254.21-1.22.22.2.1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=s390x\u0026epoch=3\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product": {
"name": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22)",
"product_id": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22)",
"product_id": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22)",
"product_id": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product": {
"name": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22)",
"product_id": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22)",
"product_id": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product": {
"name": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22)",
"product_id": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22)",
"product_id": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@22.22.2-1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22)",
"product_id": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@10.9.7-1.22.22.2.1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
},
{
"category": "product_version",
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22)",
"product_id": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v8-12.4-devel@12.4.254.21-1.22.22.2.1.module%2Bel9.6.0%2B24196%2B39669d4e?arch=x86_64\u0026epoch=3\u0026rpmmod=nodejs:22:9060020260409121057:rhel9"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22"
},
"product_reference": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22"
},
"product_reference": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22"
},
"product_reference": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22"
},
"product_reference": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
},
"product_reference": "nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
},
"product_reference": "nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22"
},
"product_reference": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22"
},
"product_reference": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22"
},
"product_reference": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
},
"product_reference": "nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22"
},
"product_reference": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22"
},
"product_reference": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22"
},
"product_reference": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
},
"product_reference": "nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22"
},
"product_reference": "nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
},
"product_reference": "nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22"
},
"product_reference": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22"
},
"product_reference": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22"
},
"product_reference": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
},
"product_reference": "nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
},
"product_reference": "nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22"
},
"product_reference": "nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22"
},
"product_reference": "nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22"
},
"product_reference": "nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22"
},
"product_reference": "nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22"
},
"product_reference": "nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22"
},
"product_reference": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22"
},
"product_reference": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22"
},
"product_reference": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
},
"product_reference": "npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22"
},
"product_reference": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22"
},
"product_reference": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22"
},
"product_reference": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64 (nodejs:22) as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
},
"product_reference": "v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-1525",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-12T21:01:33.639277+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447144"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., \"Content-Length\" and \"content-length\"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate impact. A flaw in the undici Node.js HTTP/1.1 client allows for HTTP Request Smuggling or Denial of Service. This can occur in Red Hat products that use undici and process HTTP requests where user-controlled header names are not case-normalized, or headers are passed as flat arrays.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "RHBZ#2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/444.html",
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3556037",
"url": "https://hackerone.com/reports/3556037"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
}
],
"release_date": "2026-03-12T19:56:55.092000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T07:23:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7983"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T07:23:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7983"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T07:23:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7983"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T07:23:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7983"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"cve": "CVE-2026-21710",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-03-30T20:01:21.196629+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453151"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named `__proto__`. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an application crash. This can result in a Denial of Service (DoS), making the affected service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21710"
},
{
"category": "external",
"summary": "RHBZ#2453151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases",
"url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"
}
],
"release_date": "2026-03-30T19:07:28.558000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T07:23:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7983"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header"
},
{
"cve": "CVE-2026-25547",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-02-04T22:01:11.784120+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436942"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the brace-expansion component. This denial of service (DoS) vulnerability allows a remote attacker to provide specially crafted input containing repeated numeric brace ranges. This input causes the library to attempt an unbounded expansion, consuming excessive CPU and memory resources. This can lead to a system crash, impacting the availability of the service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25547"
},
{
"category": "external",
"summary": "RHBZ#2436942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25547",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547"
},
{
"category": "external",
"summary": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2",
"url": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2"
}
],
"release_date": "2026-02-04T21:51:17.198000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T07:23:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion"
},
{
"cve": "CVE-2026-26996",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-20T04:01:11.896063+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441268"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: minimatch: Denial of Service via specially crafted glob patterns",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26996"
},
{
"category": "external",
"summary": "RHBZ#2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26996"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5",
"url": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26"
}
],
"release_date": "2026-02-20T03:05:21.105000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T07:23:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: minimatch: Denial of Service via specially crafted glob patterns"
},
{
"cve": "CVE-2026-27135",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-18T19:02:13.823002+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448754"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27135"
},
{
"category": "external",
"summary": "RHBZ#2448754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27135",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1",
"url": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6",
"url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6"
}
],
"release_date": "2026-03-18T17:59:02.045000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T07:23:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination"
},
{
"cve": "CVE-2026-27904",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-26T02:01:23.004531+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442922"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27904"
},
{
"category": "external",
"summary": "RHBZ#2442922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74"
}
],
"release_date": "2026-02-26T01:07:42.693000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T07:23:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-debugsource-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-devel-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-docs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-full-i18n-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-libs-debuginfo-1:22.22.2-1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-nodemon-0:3.0.1-1.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-0:2021.06-4.module+el9.6.0+23473+45664c2d.src::nodejs:22",
"AppStream-9.6.0.Z.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.6.0+23473+45664c2d.noarch::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:npm-1:10.9.7-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.aarch64::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.ppc64le::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.s390x::nodejs:22",
"AppStream-9.6.0.Z.EUS:v8-12.4-devel-3:12.4.254.21-1.22.22.2.1.module+el9.6.0+24196+39669d4e.x86_64::nodejs:22"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.